X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/dbbf21a75d225871cb7a44878ece42c5d79a1a2c..00b35aee4cdc8a002b537d51585f925aba19db09:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 6d1b2631b..a71cb9f0f 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,10 +1,19 @@ -Change log file for Exim from version 4.21 ------------------------------------------- This document describes *changes* to previous versions, that might affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. +Exim version 4.93+fixes +----------------------- +This is not an official release. It is just a branch, collecting +proposed bugfixes. Depending on your environment the fixes may be +necessary to build and/or run Exim successfully. + +JH/07 Bug 2489: Fix crash in the "pam" expansion condition. It seems that the + PAM library frees one of the arguments given to it, despite the + documentation. Therefore a plain malloc must be used. + + Exim version 4.93 ----------------- @@ -70,10 +79,10 @@ HS/01 Bug 2390: Use message_id for tempfile creation to avoid races in a systems which restrict the file name length to lower values. (It was "hdr.$pid".) -HS/01 Bug 2390: Use message_id for tempfile creation to avoid races in a +HS/02 Bug 2390: Use message_id for tempfile creation to avoid races in a shared (NFS) environment. -HS/02 Bug 2392: exigrep does case sensitive *option* processing (as it +HS/03 Bug 2392: exigrep does case sensitive *option* processing (as it did for all versions <4.90). Notably -M, -m, --invert, -I may be affected. @@ -164,12 +173,65 @@ JH/34 Fix crash after TLS shutdown. When the TCP/SMTP channel was left open, JH/35 Bug 2409: filter out-of-spec chars from callout response before using them in our smtp response. -JH/35 Have the general router option retry_use_local_part default to true when +JH/36 Have the general router option retry_use_local_part default to true when any of the restrictive preconditions are set (to anything). Previously it was only for check_local user. The change removes one item of manual configuration which is required for proper retries when a remote router handles a subset of addresses for a domain. +JH/37 Appendfile: when evaluating quota use (non-quota_size_regex) take the file + link count into consideration. + +HS/04 Fix handling of very log lines in -H files. If a - line + caused the extension of big_buffer, the following lines were ignored. + +JH/38 Bug 1395: Teach the DNS negative-cache about TTL value from the SOA in + accordance with RFC 2308. Previously there was no expiry, so a longlived + receive process (eg. due to ACL delays) versus a short SOA value could + surprise. + +HS/05 Handle trailing backslash gracefully. (CVE-2019-15846) + +JH/39 Promote DMARC support to mainline. + +JH/40 Bug 2452: Add a References: header to DSNs. + +JH/41 With GnuTLS 3.6.0 (and later) do not attempt to manage Diffie-Hellman + parameters. The relevant library call is documented as "Deprecated: This + function is unnecessary and discouraged on GnuTLS 3.6.0 or later. Since + 3.6.0, DH parameters are negotiated following RFC7919." + +HS/06 Change the default of dnssec_request_domains to "*" + +JH/42 Bug 2545: Fix CHUNKING for all RCPT commands rejected. Previously we + carried on and emitted a BDAT command, even when PIPELINING was not + active. + +JH/43 Bug 2465: Fix taint-handling in dsearch lookup. Previously a nontainted + buffer was used for the filename, resulting in a trap when tainted + arguments (eg. $domain) were used. + +JH/44 With OpenSSL 1.1.1 (onwards) disable renegotiation for TLS1.2 and below; + recommended to avoid a possible server-load attack. The feature can be + re-enabled via the openssl_options main cofiguration option. + +JH/45 local_scan API: documented the current smtp_printf() call. This changed + for version 4.90 - adding a "more data" boolean to the arguments. + Bumped the ABI version number also, this having been missed previously; + release versions 4.90 to 4.92.3 inclusive were effectively broken in + respect of usage of smtp_printf() by either local_scan code or libraries + accessed via the ${dlfunc } expansion item. Both will need coding + adjustment for any calls to smtp_printf() to match the new function + signature; a FALSE value for the new argument is always safe. + +JH/46 FreeBSD: fix use of the sendfile() syscall. The shim was not updating + the file-offset (which the Linux syscall does, and exim expects); this + resulted in an indefinite loop. + +JH/47 ARC: fix crash in signing, triggered when a configuration error failed + to do ARC verification. The Authentication-Results: header line added + by the configuration then had no ARC item. + Exim version 4.92 -----------------