Jeremy Harris [Fri, 29 Dec 2023 16:11:02 +0000 (16:11 +0000)]
Docs: CVE note
Cherry-picked from:
5a8fc0799314
Jeremy Harris [Fri, 29 Dec 2023 15:29:27 +0000 (15:29 +0000)]
Tidying: defines for sync_responses() retcodes
Jeremy Harris [Fri, 29 Dec 2023 12:40:22 +0000 (12:40 +0000)]
DKIM: logging for signing in transport. Bug 3062
Jeremy Harris [Mon, 25 Dec 2023 16:50:23 +0000 (16:50 +0000)]
Testsuite: testcase for "smtp smuggling". Bug 3063
Also remove the unneeded sync point added in
cf1376206284
Jeremy Harris [Sat, 23 Dec 2023 17:42:57 +0000 (17:42 +0000)]
Reject "dot, LF" as ending data phase (pt. 2). Bug 3063
Jeremy Harris [Sat, 23 Dec 2023 15:59:53 +0000 (15:59 +0000)]
Use enum for body data input state-machine
Jeremy Harris [Fri, 22 Dec 2023 23:57:05 +0000 (23:57 +0000)]
Reject "dot, LF" as ending data phase. Bug 3063
Jeremy Harris [Thu, 21 Dec 2023 23:33:10 +0000 (23:33 +0000)]
tweak observability
Jeremy Harris [Mon, 18 Dec 2023 14:37:30 +0000 (14:37 +0000)]
Docs: more indexing for localhost_number
Jeremy Harris [Sat, 16 Dec 2023 17:37:30 +0000 (17:37 +0000)]
Testsuite: spilt testcase
Jeremy Harris [Sat, 16 Dec 2023 17:15:46 +0000 (17:15 +0000)]
Teststsuite: shuffle testcases
Jeremy Harris [Sat, 16 Dec 2023 16:31:06 +0000 (16:31 +0000)]
tidying
Jeremy Harris [Fri, 15 Dec 2023 21:05:32 +0000 (21:05 +0000)]
Fix periodic queue runs. Bug 3046
Broken-by: 7d5055276a22
Jeremy Harris [Thu, 7 Dec 2023 19:59:35 +0000 (19:59 +0000)]
Handle expansion fails in router "set" options. Bug 3058
Jeremy Harris [Wed, 6 Dec 2023 22:08:08 +0000 (22:08 +0000)]
typo
Broken-by: 5930166b4433
Jeremy Harris [Wed, 6 Dec 2023 19:54:40 +0000 (19:54 +0000)]
Logging: ensure that an error for a mistyped IPv6 address in a search
list is available for logging. Bug 3057
Hendrik Jäger [Wed, 6 Dec 2023 14:00:13 +0000 (14:00 +0000)]
Docs: typo
Jeremy Harris [Wed, 6 Dec 2023 12:25:14 +0000 (12:25 +0000)]
Supply strchrnul() for platforms apparently missing it
Broken-by: 2658a023286f
Jeremy Harris [Tue, 5 Dec 2023 21:23:46 +0000 (21:23 +0000)]
DKIM: tighten up parsing for DKIM DNS and header records. Bug 3056
Jeremy Harris [Tue, 5 Dec 2023 17:49:06 +0000 (17:49 +0000)]
Compiler quietening
Jeremy Harris [Fri, 1 Dec 2023 16:51:13 +0000 (16:51 +0000)]
Testsuite: output changes resulting
Jeremy Harris [Fri, 1 Dec 2023 15:44:57 +0000 (15:44 +0000)]
Avoid trying to send smtp repoonse for non-smtp input, on datafile close error
Broken-by: f70940c9489d
Jeremy Harris [Mon, 27 Nov 2023 17:51:25 +0000 (17:51 +0000)]
Build: fix for Solaris 11
Jeremy Harris [Sun, 26 Nov 2023 20:28:07 +0000 (20:28 +0000)]
Unbreak DISABLE_TLS_RESUME build
Broken-by: 5d5ad9fb16a2
Jeremy Harris [Sat, 25 Nov 2023 16:47:35 +0000 (16:47 +0000)]
DMARC: fix reporting, ARC-support but not in message
Jeremy Harris [Sat, 25 Nov 2023 15:46:12 +0000 (15:46 +0000)]
DMARC: fix reporting, no-ARC-support case
Jeremy Harris [Sun, 19 Nov 2023 11:31:45 +0000 (11:31 +0000)]
Support old-format message_id spoolfiles for mailq / -bp. Bug 3050
Broken-by: 46a36afae41f
Jeremy Harris [Fri, 17 Nov 2023 20:27:16 +0000 (20:27 +0000)]
Testsuite: support for multi-chunk DNS TXT records; more cases for dnsdb
adds to:
79670d3c32cc
Jeremy Harris [Fri, 17 Nov 2023 16:55:17 +0000 (16:55 +0000)]
Lookups: Fix dnsdb lookup of multi-chunk TXT. Bug 3054
Broken=by:
f6b1f8e7d642
Andrew Aitchison [Thu, 16 Nov 2023 17:09:57 +0000 (17:09 +0000)]
Compiler quiteneing
Andrew Aitchison [Thu, 16 Nov 2023 17:04:26 +0000 (17:04 +0000)]
Docs: fix local_scan decsription for new message-id format. Bug 3051
Broken-by: 46a36afae41f
Jeremy Harris [Wed, 15 Nov 2023 02:14:02 +0000 (02:14 +0000)]
constification
Jeremy Harris [Tue, 14 Nov 2023 12:10:36 +0000 (12:10 +0000)]
Check for missing commandline arg after options taking one. Bug 3049
Jeremy Harris [Tue, 14 Nov 2023 14:08:36 +0000 (14:08 +0000)]
constification
Jeremy Harris [Mon, 13 Nov 2023 18:12:31 +0000 (18:12 +0000)]
TLS: fix resumption for TLS-on-connect
Jeremy Harris [Fri, 10 Nov 2023 14:37:23 +0000 (14:37 +0000)]
fix doubled logging of message_id
Jeremy Harris [Wed, 8 Nov 2023 14:22:37 +0000 (14:22 +0000)]
typoes
Jeremy Harris [Tue, 7 Nov 2023 19:38:22 +0000 (19:38 +0000)]
Fix use of empty log_reject_target. Bug 3039
Broken-by: 4243a209fd94
Jeremy Harris [Tue, 7 Nov 2023 15:02:18 +0000 (15:02 +0000)]
OpenSSL: fix non-DANE build
Jeremy Harris [Sun, 5 Nov 2023 23:19:31 +0000 (23:19 +0000)]
Docs: requirements for transport filter processes
Jeremy Harris [Sun, 5 Nov 2023 21:29:53 +0000 (21:29 +0000)]
DANE: handle servefail for TLSA during Rverify. Bug 3030
Jeremy Harris [Sat, 4 Nov 2023 14:20:45 +0000 (14:20 +0000)]
Merge branch '4.next'
Jeremy Harris [Sat, 4 Nov 2023 14:19:05 +0000 (14:19 +0000)]
Docs: tidy for next release
Jeremy Harris [Sat, 4 Nov 2023 12:55:05 +0000 (12:55 +0000)]
Copyright updates:
vi $(git log --name-status --grep=SPDX: --invert-grep exim-4.96..master | awk '/^M/{print $2}' | grep -v '^test/' | sort -u)
Jeremy Harris [Thu, 5 Oct 2023 12:26:13 +0000 (13:26 +0100)]
Docs: try to be even more clear on the ${run...} expansion
Wolfgang Breyha [Fri, 20 Oct 2023 14:02:38 +0000 (15:02 +0100)]
Fix exipick for new message-id format
Broken-by: 46a36afae41f
Lutz Pressler [Fri, 20 Oct 2023 19:34:02 +0000 (21:34 +0200)]
fix: typo
Jeremy Harris [Sun, 15 Oct 2023 11:15:06 +0000 (12:15 +0100)]
DNS: more hardening against crafted responses
Heiko Schlittermann (HS12-RIPE) [Sat, 22 Oct 2022 21:15:44 +0000 (23:15 +0200)]
Add systemd units (examples)
- daemon
- socket activation
- socket activation (inetd mode)
- queuerunner
- maintainance
Heiko Schlittermann (HS12-RIPE) [Tue, 17 Oct 2023 10:53:44 +0000 (12:53 +0200)]
tidy: remove unused variables
Jeremy Harris [Mon, 16 Oct 2023 11:17:53 +0000 (12:17 +0100)]
Tidying: massage to project coding style
Jeremy Harris [Mon, 16 Oct 2023 10:54:50 +0000 (11:54 +0100)]
Use project-standard memory management rather than alloca()
Heiko Schlittermann (HS12-RIPE) [Sun, 15 Oct 2023 17:53:25 +0000 (19:53 +0200)]
Merge branch 'exim-4.96+security' into master+security
* exim-4.96+security:
docs: Changelog
Harden dnsdb against crafted DNS responses. Bug 3033
SPF: harden against crafted DNS responses
fix: string_is_ip_address (CVE-2023-42117) Bug 3031
Testsuite: Add testcases for string_is_ip_address (CVE-2023-42117)
Heiko Schlittermann (HS12-RIPE) [Sat, 14 Oct 2023 21:55:23 +0000 (23:55 +0200)]
docs: Changelog
Jeremy Harris [Tue, 10 Oct 2023 22:03:28 +0000 (23:03 +0100)]
Harden dnsdb against crafted DNS responses. Bug 3033
(cherry picked from commit
8787c8994f07c23c3664d76926e02f07314d699d)
Jeremy Harris [Tue, 10 Oct 2023 11:45:27 +0000 (12:45 +0100)]
SPF: harden against crafted DNS responses
(cherry picked from commit
4f07f38374f8662c318699fb30432273ffcfe0d3)
Heiko Schlittermann (HS12-RIPE) [Sat, 14 Oct 2023 21:33:07 +0000 (23:33 +0200)]
fix: proxy-protocol (CVE-2023-41227) Bug 3031
* fix-CVE-2023-42117:
fix: string_is_ip_address (CVE-2023-42117) (closes 3031)
Testsuite: Add testcases for string_is_ip_address (CVE-2023-42117)
Heiko Schlittermann (HS12-RIPE) [Thu, 5 Oct 2023 20:49:57 +0000 (22:49 +0200)]
fix: string_is_ip_address (CVE-2023-42117) Bug 3031
Heiko Schlittermann (HS12-RIPE) [Sat, 7 Oct 2023 11:07:59 +0000 (13:07 +0200)]
Testsuite: Add testcases for string_is_ip_address (CVE-2023-42117)
Jeremy Harris [Sat, 14 Oct 2023 21:29:08 +0000 (22:29 +0100)]
Handle error on close of spool data file
Jeremy Harris [Sat, 14 Oct 2023 21:27:41 +0000 (22:27 +0100)]
Tidying: readability defines
Jeremy Harris [Sat, 14 Oct 2023 21:26:50 +0000 (22:26 +0100)]
Testsuite: output changes resulting
Broken-by: 06175ac09a1e
Jeremy Harris [Tue, 10 Oct 2023 11:45:27 +0000 (12:45 +0100)]
SPF: harden against crafted DNS responses
Simon Arlott [Tue, 10 Oct 2023 11:31:58 +0000 (12:31 +0100)]
Fix crash in SPF DNS usage
Broken-by: 8ab9474f0355
Bernard Quatermass [Thu, 5 Oct 2023 20:35:12 +0000 (21:35 +0100)]
Testsuite: retire perl smartmatch use
Recent perl versions whine that smartmatch is deprecated
Jeremy Harris [Thu, 5 Oct 2023 16:43:45 +0000 (17:43 +0100)]
SPF: fix looking at RRs when dns lookup does not return success
Jeremy Harris [Thu, 5 Oct 2023 12:25:01 +0000 (13:25 +0100)]
Docs: Fix variable name,. Bug 3034
Broken-by: 8c226c7c8917
Heiko Schlittermann (HS12-RIPE) [Tue, 3 Oct 2023 22:33:22 +0000 (00:33 +0200)]
doc: markup improvement for tcp:connect (closes 3034)
suggested by: u34@net9.cf
Heiko Schlittermann (HS12-RIPE) [Tue, 3 Oct 2023 22:17:47 +0000 (00:17 +0200)]
mailmap: real name for bes-internal
Vladimir Varlamov [Tue, 3 Oct 2023 22:15:09 +0000 (00:15 +0200)]
fix spec typo
Jeremy Harris [Mon, 2 Oct 2023 12:24:29 +0000 (13:24 +0100)]
Merge branch 'exim-4.96+security'
Jeremy Harris [Tue, 12 Sep 2023 19:52:35 +0000 (20:52 +0100)]
Debug: more detail for ${reduce...} ${map...} ${filter...}
Heiko Schlittermann (HS12-RIPE) [Sat, 30 Sep 2023 20:52:59 +0000 (22:52 +0200)]
update Changelog about security fixes
Jeremy Harris [Thu, 11 May 2023 20:08:08 +0000 (21:08 +0100)]
Auths: fix possible OOB read in SPA authenticator. Bug 3001
(cherry picked from commit
04107e98d58efb69f7e2d7b81176e5374c7098a3)
Jeremy Harris [Thu, 11 May 2023 18:31:54 +0000 (19:31 +0100)]
Auths: fix possible OOB write in SPA authenticator. Bug 3000
(cherry picked from commit
e17b8b0f19b25a223b0cc41933b881c3a1073e61)
Jeremy Harris [Thu, 11 May 2023 17:53:25 +0000 (18:53 +0100)]
Auths: use uschar more in spa authenticator
(cherry picked from commit
0519dcfb5f149154a416b54865fd8026abb57791)
Jeremy Harris [Thu, 11 May 2023 17:02:43 +0000 (18:02 +0100)]
Auths: fix possible OOB write in external authenticator. Bug 2999
(cherry picked from commit
7bb5bc2c6592e062bf0b514cc71afd2d93e2e0dd)
Hendrik Jäger [Fri, 29 Sep 2023 12:47:36 +0000 (13:47 +0100)]
Docs: tidying
Jeremy Harris [Wed, 27 Sep 2023 09:44:10 +0000 (10:44 +0100)]
Testsute: output changes resulting
Broken-by: 06175ac09a1e
Jeremy Harris [Mon, 25 Sep 2023 08:48:00 +0000 (09:48 +0100)]
DKIM: support list-version of $dkim_verify_status, and data ACL
Kurt Jaeger [Tue, 26 Sep 2023 20:13:39 +0000 (21:13 +0100)]
typo
Jeremy Harris [Tue, 26 Sep 2023 17:07:58 +0000 (18:07 +0100)]
Docs: more detail for DKIM
Jeremy Harris [Sun, 24 Sep 2023 20:05:44 +0000 (21:05 +0100)]
Testsuite: munge for EXPERIMENTAL_DSN_INFO
Broken-by: e2fe20104068
Jeremy Harris [Sun, 24 Sep 2023 19:50:26 +0000 (20:50 +0100)]
more detail in error messages
Jeremy Harris [Sun, 24 Sep 2023 18:41:05 +0000 (19:41 +0100)]
Testsuite: use actual hostname in SRS testcase
Dean Brooks [Sun, 24 Sep 2023 18:24:38 +0000 (19:24 +0100)]
Docs: inbound_srs behavior for empty secret. Bug 3025
Additional docs commentary and code-tidying by committer
Jeremy Harris [Sun, 24 Sep 2023 16:02:52 +0000 (17:02 +0100)]
Docs: remove claim that -Mg causes specific wording in bounce. Bug 3026
While investigating, ensure EXPERIMENTAL_DSN_INFO matches
Jeremy Harris [Thu, 14 Sep 2023 17:46:15 +0000 (18:46 +0100)]
Docs: note that the match_ip condition sets $value
Jeremy Harris [Mon, 11 Sep 2023 14:50:35 +0000 (15:50 +0100)]
Fix ${tr...} and empty-strings. Bug 3023
Andreas Metzler [Sun, 10 Sep 2023 15:50:36 +0000 (16:50 +0100)]
typo
Jeremy Harris [Sun, 10 Sep 2023 09:06:56 +0000 (10:06 +0100)]
Feature advertisements for radius and pwcheck
Jeremy Harris [Fri, 8 Sep 2023 10:40:55 +0000 (11:40 +0100)]
Testsuite: (Build) bring the autconf path up to current
Jeremy Harris [Fri, 8 Sep 2023 08:59:52 +0000 (09:59 +0100)]
Testsuite: add command cat2
The /dev/stderr trick manages to fail on Gnu HURD
Jeremy Harris [Thu, 7 Sep 2023 21:02:59 +0000 (22:02 +0100)]
tidying
Jeremy Harris [Thu, 7 Sep 2023 18:33:07 +0000 (19:33 +0100)]
Testsuite: output changes resulting
Broken-by: 7616c28d51aa
Jeremy Harris [Thu, 7 Sep 2023 15:40:39 +0000 (16:40 +0100)]
Docs: example complex expansion for router domains condition
u34 [Thu, 7 Sep 2023 15:14:55 +0000 (16:14 +0100)]
Docs: typo in comment in example config. Bug 3022
Jeremy Harris [Thu, 7 Sep 2023 15:02:03 +0000 (16:02 +0100)]
Build: check during make for perl script library requirements
Jeremy Harris [Wed, 6 Sep 2023 15:10:58 +0000 (16:10 +0100)]
Testsuite: munge for FreeBSD
Jeremy Harris [Wed, 6 Sep 2023 12:44:24 +0000 (13:44 +0100)]
Testsuite: typo