Heiko Schlittermann (HS12-RIPE) [Thu, 28 Jan 2016 21:20:33 +0000 (22:20 +0100)]
Fix CVE-2016-1531
Add keep_environment, add_environment.
Change the working directory to "/" during the early startup phase.
(cherry picked from commit 4af6f9baeffc937b4de28b9ce371e697a1609632)
(cherry picked from commit 0c8892dc00bf2223dffe18be12f07d8c4549b913)
(cherry picked from commit fa927caf12b309a2c984ddff1adf4a299186d887)
(cherry picked from commit bc3c7bb7d4aba3e563434e5627fe1f2176aa18c0)
(cherry picked from commit 2b92b67bfc33efe05e6ff2ea3852731ac2273832)
(cherry picked from commit 14b82c8b736c8ed24eda144f57703cb9feac6323)
(cherry picked from commit 9ca92d0c6e9c6f161bd8111366c6952d3a9315e2)
(cherry picked from commit 0020c6d9ecfd98ed7b2b337ed4f898fdc409784b)
(cherry picked from commit e8f96966360ea8867ad6a8b5affda6c37fa4958c)
(cherry picked from commit ef6fb807c1e1a665f444f644c60c77269f7c5209)
Todd Lyons [Mon, 26 May 2014 19:14:16 +0000 (12:14 -0700)]
SECURITY: DMARC uses From header untrusted data
CVE-2014-2957
To find the sending domain, expand_string() was used to directly parse
the contents of the From header. This passes untrusted data directly
into an internal function. Convert to use standard internal parsing
functions.
Phil Pennock [Fri, 25 Oct 2013 00:38:28 +0000 (20:38 -0400)]
Doc/Spec: section "Trust in configuration data"
Todd Lyons [Tue, 22 Oct 2013 12:11:33 +0000 (05:11 -0700)]
Merge branch 'master' of git://git.exim.org/exim
Todd Lyons [Tue, 22 Oct 2013 11:57:40 +0000 (04:57 -0700)]
Silence compiler string format warning
Todd Lyons [Sun, 20 Oct 2013 00:01:26 +0000 (17:01 -0700)]
Bug 1400: Fix GnuTLS PKCS11 issues
Can disable PKCS11 in Makefile with AVOID_GNUTLS_PKCS11 build flag.
Rename gnutls_enable_pkcs11 option to gnutls_allow_auto_pkcs11.
Update Changelog
Todd Lyons [Sat, 19 Oct 2013 14:17:36 +0000 (07:17 -0700)]
Tests: Don't delete patched exim if -KEEP is used
Todd Lyons [Sat, 19 Oct 2013 14:16:40 +0000 (07:16 -0700)]
Extra requires/notes for running test suite
Todd Lyons [Sat, 19 Oct 2013 13:53:59 +0000 (06:53 -0700)]
Bugzilla 1402 - Handle upper case chars in tests
Test 533 fails if there are any upper case chars in the path to the
test suite. Added caseful_local_part=true to the router which calls
the pipe.
Todd Lyons [Fri, 18 Oct 2013 18:49:57 +0000 (11:49 -0700)]
Adjust runtest -CONTINUE to work everywhere
Todd Lyons [Tue, 15 Oct 2013 20:41:21 +0000 (13:41 -0700)]
Format String safety
Todd Lyons [Tue, 15 Oct 2013 12:18:31 +0000 (05:18 -0700)]
Update copyright year in exim -bV output
Jeremy Harris [Sun, 13 Oct 2013 21:29:04 +0000 (22:29 +0100)]
Fix listnamed doc typos
Jeremy Harris [Sun, 13 Oct 2013 13:34:35 +0000 (14:34 +0100)]
Cross-ref av_scanner syntax to list syntax
Todd Lyons [Wed, 9 Oct 2013 20:40:49 +0000 (13:40 -0700)]
Added missing .new/.wen in spec.xpft
Todd Lyons [Wed, 9 Oct 2013 15:48:39 +0000 (08:48 -0700)]
Documentation for multiple TCP clamd servers
Todd Lyons [Fri, 9 Nov 2012 22:28:37 +0000 (14:28 -0800)]
Imported Bug 1057 multiple clamd patch from PLD repo
Todd Lyons [Tue, 8 Oct 2013 18:00:33 +0000 (11:00 -0700)]
Bug 1150: Enhance docs for ${addresses:} expansion
Jeremy Harris [Mon, 7 Oct 2013 19:47:54 +0000 (20:47 +0100)]
Fix TPDA text.
Credit Axel Rau for careful proofreading.
Todd Lyons [Mon, 7 Oct 2013 02:31:57 +0000 (19:31 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Todd Lyons [Mon, 7 Oct 2013 02:21:55 +0000 (19:21 -0700)]
Bug 1289: Clarify host list processing failures
Enhance explanation of +ignore_unknown.
Jeremy Harris [Sun, 6 Oct 2013 17:31:15 +0000 (18:31 +0100)]
Typo in docs: routing rules mentioned in retry rules section. Bug 1349
Jeremy Harris [Sun, 6 Oct 2013 17:05:48 +0000 (18:05 +0100)]
Make smtp_accept_max_per_connection option text searchable. Bug 1361
Same fix as for 1197; abandon attempt to permit intelligent wrapping of the text
Todd Lyons [Sat, 5 Oct 2013 15:41:29 +0000 (08:41 -0700)]
Add exiqsumm fix to ChangeLog
Todd Lyons [Sat, 5 Oct 2013 15:31:49 +0000 (08:31 -0700)]
Fix exiqsumm output for single queue item.
Patch from Richard Hall, with one minor addition to prevent
uninitialized value error during output.
Wolfgang Breyha [Fri, 4 Oct 2013 20:02:44 +0000 (13:02 -0700)]
Bug 1392: Change status text when no dmarc record
Ted Cooper [Fri, 4 Oct 2013 00:17:19 +0000 (10:17 +1000)]
Fix DKIM variable name in documentation.
Todd Lyons [Thu, 3 Oct 2013 23:35:05 +0000 (16:35 -0700)]
Print tarball names in debug mode too
Todd Lyons [Thu, 3 Oct 2013 23:29:52 +0000 (16:29 -0700)]
Filter xfpt needs new macro too
Phil Pennock [Thu, 3 Oct 2013 20:13:52 +0000 (16:13 -0400)]
Finish the xfpt fix.
The readers of the version expect no surrounding whitespace; putting the
content in-place requires macro expansion, which requires that .literal
mode be `layout` or `off`, but either of those will escape the XML angle
brackets. The easiest fix is to generate the XML as part of the macro
definition.
Moved local_params rules out of Makefile and into GenLocalParams
Todd Lyons [Thu, 3 Oct 2013 23:24:14 +0000 (16:24 -0700)]
Bug 1389: Initialize and clear variables
Todd Lyons [Thu, 3 Oct 2013 23:11:04 +0000 (16:11 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Phil Pennock [Thu, 3 Oct 2013 18:50:09 +0000 (14:50 -0400)]
Unbreak HTML build for RC candidates.
The HTML build now uses the website repo, which extracts the version
number from the XML (generated from the .xfpt). Meanwhile, commit
2aee48d6 made the version number in the build process dynamic, taking
the value from the release script (via an environ variable).
This change fixes the invocation to pass the version _without_ an RC
suffix to the XML build, letting HTML generation happen.
Todd Lyons [Thu, 3 Oct 2013 16:34:44 +0000 (09:34 -0700)]
Mention Redis lookup in NewStuff
Todd Lyons [Thu, 3 Oct 2013 13:42:26 +0000 (06:42 -0700)]
Setting LC_ALL with make overrode this sort check
Todd Lyons [Thu, 3 Oct 2013 02:21:22 +0000 (19:21 -0700)]
Fix docbook paths for xml generation
Todd Lyons [Tue, 1 Oct 2013 16:24:19 +0000 (09:24 -0700)]
Bugzilla 1217: Experimental Redis lookup
Add want_experimental() test in the script to create the lookups
Makefile to ease detection of requested Experimental features, and
simplify the #ifdef guards in the redis.c.
Jeremy Harris [Mon, 30 Sep 2013 19:24:13 +0000 (20:24 +0100)]
Do not use MSG_NOSIGNAL on send() in ${udpsend}
Some non-Posix systems don't define it. Anyway, Exim ignores SIGPIPE for most purposes.
Todd Lyons [Mon, 30 Sep 2013 19:55:44 +0000 (12:55 -0700)]
Merge branch 'patch-3' of https://github.com/bes-internal/exim into master_dmarc_doc
Todd Lyons [Mon, 30 Sep 2013 18:56:42 +0000 (11:56 -0700)]
Added documentation of features, acknowledgements
Todd Lyons [Mon, 30 Sep 2013 18:24:44 +0000 (11:24 -0700)]
Add ratelimit doc addition to ChangeLog
Todd Lyons [Mon, 30 Sep 2013 18:22:58 +0000 (11:22 -0700)]
Typo re-fix in ratelimit.pl doc
Todd Lyons [Mon, 30 Sep 2013 18:20:46 +0000 (11:20 -0700)]
Merge branch 'patch-1' of https://github.com/bes-internal/exim into master-bes-ratelimit.pl
Todd Lyons [Mon, 30 Sep 2013 18:10:50 +0000 (11:10 -0700)]
Merge branch 'master_tpda'
Todd Lyons [Mon, 30 Sep 2013 17:52:50 +0000 (10:52 -0700)]
Adjust test build link paths.
Details at: http://comments.gmane.org/gmane.mail.exim.user/91154
Add ignore for a logfile from test run.
Jeremy Harris [Mon, 30 Sep 2013 17:12:12 +0000 (10:12 -0700)]
Bug 1031: Experimental TPDA
Remove whitespace
Todd Lyons [Mon, 30 Sep 2013 17:08:53 +0000 (10:08 -0700)]
Remove whitespace
bes-internal [Mon, 30 Sep 2013 15:06:06 +0000 (18:06 +0300)]
fix dmarc_status condition documentation
Phil Pennock [Mon, 30 Sep 2013 04:57:07 +0000 (00:57 -0400)]
Fix dovecot with empty 334 challenge.
Thomas Morper reported, with 4.82RC1, that he saw "334 NULL" as the
challenge when using AUTH PLAIN to Dovecot when the client does not send
an initial response. I could replicate.
This was caused by commit 3f1df0e3 on 2012-11-19 (PP/13 of 4.82); I was
too cautious in the robustness fixes; the clue came in this line of
debug output:
76430 dovecot: warning: ignoring trailing tab
This change removes that check, and documents in a comment that this
input is acceptable protocol-wise, and why.
With this fix:
AUTH PLAIN
334
AGZyZWRlcmljAGh1bXB0eS1kdW1wdHk=
235 Authentication succeeded
bes-internal [Sat, 28 Sep 2013 18:26:02 +0000 (21:26 +0300)]
small typo
Jeremy Harris [Sat, 28 Sep 2013 12:49:33 +0000 (13:49 +0100)]
Correct spelling of dmarc_disable_verify
Jeremy Harris [Sat, 28 Sep 2013 12:46:04 +0000 (13:46 +0100)]
Add cscope.files build target
Jeremy Harris [Sat, 28 Sep 2013 12:31:43 +0000 (13:31 +0100)]
Fix non-IPv6 compile on v6-less system
bes-internal [Sat, 28 Sep 2013 11:01:32 +0000 (14:01 +0300)]
ratelimit.pl: format usage section, print debug to STDERR, add examples
Phil Pennock [Sat, 28 Sep 2013 00:47:52 +0000 (20:47 -0400)]
Document hexquote & udpsend in NewStuff/ChangeLog
Tony documented his new features in 7a5698fa; this change simply adds
them to the list of things that have changed.
Phil Pennock [Thu, 26 Sep 2013 18:18:09 +0000 (11:18 -0700)]
Clarify CL: the CVE security fix already in 4.80.1
On re-reading the text for 4.82, it read as though there were a new
security fix which might require an upgrade. Clarified that this fix
has already been released (in 4.80.1).
Todd Lyons [Tue, 24 Sep 2013 15:37:29 +0000 (08:37 -0700)]
Additions to the NewStuff summary file
Todd Lyons [Mon, 23 Sep 2013 23:31:31 +0000 (16:31 -0700)]
Add documentation for new $authenticated_fail_id
Todd Lyons [Tue, 10 Sep 2013 21:09:51 +0000 (14:09 -0700)]
Bug 1287 - Fix tls_require_cert
Todd Lyons [Wed, 4 Sep 2013 20:22:51 +0000 (13:22 -0700)]
Prevent TLS rebinding in LDAP connections
Bugzilla 1375
Todd Lyons [Thu, 12 Sep 2013 19:37:39 +0000 (12:37 -0700)]
Add expansion $authenticated_fail_id
Jeremy Harris [Sun, 15 Sep 2013 16:42:44 +0000 (17:42 +0100)]
ChangeLog
Jeremy Harris [Sun, 15 Sep 2013 15:41:40 +0000 (16:41 +0100)]
Fix numeric comparisons for 64b. Bug 1385
Phil Pennock [Wed, 4 Sep 2013 21:41:47 +0000 (14:41 -0700)]
ChangeLog is in chronological order within each release.
numbers are sequential, namespaced by users.
Todd Lyons [Wed, 4 Sep 2013 20:13:57 +0000 (13:13 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Todd Lyons [Wed, 4 Sep 2013 20:12:54 +0000 (13:12 -0700)]
Make sender/recipient search case-insensitive
Phil Pennock [Wed, 4 Sep 2013 17:58:51 +0000 (10:58 -0700)]
tls_dhparam size constraint suggestions.
Between NSS and Debian patching of older Exim releases, there's a narrow
range of values likely to interoperate well. Document this.
Phil Pennock [Sun, 1 Sep 2013 22:24:04 +0000 (15:24 -0700)]
GnuTLS website moves
Phil Pennock [Wed, 31 Jul 2013 22:50:04 +0000 (18:50 -0400)]
Fix segfault in stdio with non-SMTP MIME ACL.
When injecting a message locally in non-SMTP mode, and with MIME ACLs
configured, if the ACL rejected the message, Exim would try to
`fprintf(NULL, "%s", the_message)`. This fixes that.
Most ACLs are plumbed in SMTP-only and looking through the others in
receive.c, they all appear to be safely guarded, so it was just this one
that slipped through.
Crash report and assistance tracking down the root cause from Warren
Baker.
Jeremy Harris [Sun, 21 Jul 2013 23:06:04 +0000 (00:06 +0100)]
Fix debug output in ${acl }
Jeremy Harris [Sun, 21 Jul 2013 16:31:55 +0000 (17:31 +0100)]
More tidying of ACL-config skip
Jeremy Harris [Sun, 21 Jul 2013 11:50:53 +0000 (12:50 +0100)]
Remove ACL-config skip so that ${acl } expansions work from queue-runs.
Previously we skipped parsing the ACL section when not needed. Now it is
potentially needed in all cases. The skip was ~5% faster than a full parse
so probably not a large part of the exim process startup.
Fix up testsuite output files affected by the removal and add a regression test.
Todd Lyons [Fri, 12 Jul 2013 17:04:12 +0000 (10:04 -0700)]
Add gdb history file to git ignore
Jeremy Harris [Tue, 2 Jul 2013 23:07:12 +0000 (00:07 +0100)]
Add test for ${hexquote:
Jeremy Harris [Sun, 30 Jun 2013 14:50:35 +0000 (15:50 +0100)]
Add notes and helper-script for OCSP
Todd Lyons [Wed, 19 Jun 2013 21:55:03 +0000 (14:55 -0700)]
Use function macro instead of explicit arg cast.
Todd Lyons [Wed, 19 Jun 2013 16:36:11 +0000 (09:36 -0700)]
Quiet signedness compiler warnings.
Phil Pennock [Mon, 17 Jun 2013 01:32:11 +0000 (21:32 -0400)]
Support safari_ecdhe_ecdsa_bug for openssl_options
Phil Pennock [Mon, 10 Jun 2013 06:50:18 +0000 (02:50 -0400)]
Guard LDAP TLS usage against Solaris LDAP variant.
PP/22
Report from Prashanth Katuri.
This variant ensures that if TLS won't be activated because of
compile-time guards, but was requested, then we at least debug-log _why_
we're not doing anything.
Phil Pennock [Tue, 4 Jun 2013 21:34:36 +0000 (17:34 -0400)]
Fix eximon continuous updating with timestamped log-files.
Report and fix from Heiko Schlichting.
Fixes 1363.
Jeremy Harris [Sat, 25 May 2013 19:49:46 +0000 (20:49 +0100)]
Add doc comment on use of forany.
Tony Finch [Fri, 24 May 2013 10:07:46 +0000 (11:07 +0100)]
readconf: clarify a retry rule parsing error message
Submitted by: Paul Osborne <paul.osborne@canterbury.ac.uk>
Tony Finch [Thu, 23 May 2013 15:58:32 +0000 (16:58 +0100)]
Documentation for udpsend and ${hexquote:
Tony Finch [Fri, 12 Oct 2012 13:54:07 +0000 (14:54 +0100)]
The udpsend ACL modifier.
This is for reporting mailer activity without going via the log files.
Tony Finch [Fri, 12 Oct 2012 13:52:28 +0000 (14:52 +0100)]
${hexquote: expansion operator
This converts octets outside the range 0x21-0x7E (the ASCII
graphic characters) to \xNN hex escapes.
Jeremy Harris [Wed, 22 May 2013 17:49:49 +0000 (18:49 +0100)]
Merge branch 'callout_auth'
Jeremy Harris [Wed, 22 May 2013 00:09:08 +0000 (01:09 +0100)]
Log AUTH info on cutthrough deliveries.
Jeremy Harris [Tue, 21 May 2013 17:32:27 +0000 (18:32 +0100)]
Typo in doc source.
Jeremy Harris [Sun, 19 May 2013 17:14:50 +0000 (18:14 +0100)]
Support AUTH for verify-callout and cutthrough-delivery.
Refactored smtp transport to pull out AUTH-related routines so they could be
also called from the verify code.
Bugs 321, 823.
Jeremy Harris [Sun, 12 May 2013 21:31:36 +0000 (22:31 +0100)]
Add compile-time checks for various tables being in alphabetical order.
This is gross hackery and somewhat fragile. A better method would
actually compile the 'C' involved and check programmatically.
Todd Lyons [Wed, 8 May 2013 12:46:00 +0000 (05:46 -0700)]
Fix dns_retry definition.
Was placed in non-alphabetical order.
Phil Pennock [Mon, 6 May 2013 01:32:09 +0000 (21:32 -0400)]
Security considerations: running local commands
Call out the dangers of use_shell in the security considerations
chapter.
Call out a number of related dangers too.
Jeremy Harris [Sun, 21 Apr 2013 18:21:25 +0000 (19:21 +0100)]
Use enum for cutthrough receive processing state.
Jeremy Harris [Sun, 21 Apr 2013 17:59:06 +0000 (18:59 +0100)]
Document PRDR, OCSP & DMARC options in OptionLists file.
Todd Lyons [Fri, 19 Apr 2013 21:21:40 +0000 (14:21 -0700)]
Add entry to Changelog.
Todd Lyons [Tue, 16 Apr 2013 20:25:59 +0000 (13:25 -0700)]
Remove static from local variable declaration.
Todd Lyons [Tue, 9 Apr 2013 19:41:50 +0000 (12:41 -0700)]
Fix history file logging to use correct variables
Remove SPF domain synthesis, just use HELO.
Todd Lyons [Mon, 8 Apr 2013 17:13:28 +0000 (10:13 -0700)]
Withhold TLD load error if not defined in conf
Todd Lyons [Fri, 5 Apr 2013 17:45:55 +0000 (10:45 -0700)]
Move DKIM endif.
Fix a few cosmetic differences.
Todd Lyons [Mon, 1 Apr 2013 18:36:30 +0000 (11:36 -0700)]
DMARC documentation and license