From: Jeremy Harris Date: Sat, 4 Nov 2023 14:20:45 +0000 (+0000) Subject: Merge branch '4.next' X-Git-Tag: exim-4.98-RC0~138 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/51894f20e0c03113b4c4e07898ac5e955b21ec41 Merge branch '4.next' --- 51894f20e0c03113b4c4e07898ac5e955b21ec41 diff --cc doc/doc-txt/ChangeLog index 4306cabc0,c1b577f62..990e72823 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@@ -2,6 -2,17 +2,20 @@@ This document describes *changes* to pr affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. -Since 4.97 ++Exim version 4.98 + ----------------- + -JH/01 Handle error on close of the spool data file during reception. Previously ++JH/01 Support list of dkim results in the dkim_status ACL condition, making ++ it more usable in the data ACL. ++ ++JH/02 Handle error on close of the spool data file during reception. Previously + This was only logged, on the assumption that errors would be seen for + a previous fflush(). However, a fuse filesystem has been reported as + showing this an error for the fclose(). The spool is now in an uncertain + state, and we have logged and responded acceptance. Change this to + respond with a temp-reject, wipe spoolfiles, and log the error detail. + + Exim version 4.97 ----------------- @@@ -193,27 -204,10 +207,28 @@@ JH/38 Taint-track intermediate values f JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings and ${tr...}. Found and diagnosed by Heiko Schlichting. -JH/40 Support list of dkim results in the dkim_status ACL condition, making - it more usable in the data ACL. +JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which + could be triggered by externally-supplied input. Found by Trend Micro. + CVE-2023-42115 + +JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42116 + +JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could + be triggered by externally-controlled input. Found by Trend Micro. + CVE-2023-42114 + +JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address. + Make the rewrite never match and keep the logging. Trust the + admin to be using verify=header-syntax (to actually reject the message). + +JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses. + CVE-2023-42219 + +HS/02 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031) + Exim version 4.96 ----------------- diff --cc doc/doc-txt/NewStuff index af084448b,beca9748c..6aef41e50 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@@ -6,6 -6,10 +6,10 @@@ Before a formal release, there may be q test from the snapshots or the Git before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. -Since 4.97 ++Version 4.98 + ------------ - 1. The dkim_status ACL condition may not be used in data ACLs ++ 1. The dkim_status ACL condition may now be used in data ACLs + Version 4.97 ------------