exim.git
2021-06-24 Heiko Schlittermann... autoreply
2021-06-24 Heiko Schlittermann... rda
2021-06-24 Heiko Schlittermann... parse
2021-06-24 Heiko Schlittermann... acl
2021-06-24 Heiko Schlittermann... dbstuff
2021-06-24 Heiko Schlittermann... search
2021-06-24 Heiko Schlittermann... Introduce main config option allow_insecure_tainted_data
2021-06-22 Jeremy HarrisGnuTLS: fix build with older GnuTLS
2021-06-22 Jeremy HarrisTLS: as server, reject connections with ALPN indicating...
2021-06-21 Jeremy HarrisTestsuite: fix testcases for non-TLS build
2021-06-21 Jeremy HarrisTestsuite: fix munging for no-TLS build
2021-06-21 Jeremy HarrisCompiler quietening
2021-06-19 Jeremy HarrisOpenSSL: on library versions too old to support session...
2021-06-19 Jeremy HarrisTestsuite: split out OpenSSL TLS1.3 resume tests
2021-06-19 Jeremy HarrisTestsuite: allow time for daemon to listen before termi...
2021-06-17 Jeremy HarrisOpenSSL: fix verify-certs stack initialization
2021-06-17 Jeremy HarrisTestsuite: output changes for OpenSSL library variants
2021-06-17 Jeremy HarrisDocs: typo
2021-06-15 Jeremy Harrishosts_require_helo
2021-06-13 Jeremy HarrisTestsuite: EC cert
2021-06-08 Jeremy HarrisFix server creds cache invalidation
2021-06-07 Jeremy Harriscompiler quietening
2021-06-07 Jeremy HarrisRe-fix non-Linux build
2021-06-06 Jeremy Harristidying
2021-06-06 Jeremy HarrisFix non-Linux build
2021-06-06 Jeremy HarrisObservability: listen queue backlog
2021-06-06 Jeremy HarrisTestsuite: testcase for multiple listener sockets ready
2021-06-06 Jeremy HarrisAvoid rescanning listen select set
2021-06-06 Jeremy HarrisCompute select fd_set outside daemon loop
2021-06-05 Jeremy HarrisTestsuite: fix OCSP/OpenSSL/1.3 testcase
2021-06-05 Jeremy HarrisFix SSL creds file watching on kevent platforms (BSDs...
2021-06-04 Jeremy HarrisDMARC: note unsupported library versions issue
2021-06-04 Jeremy Harrisdebug: fix openssl output
2021-06-04 Jeremy HarrisTestsuite: regen certificates suite with fixed Authorit...
2021-06-03 Jeremy HarrisDKIM: under GnuTLS, permit weak algorithms
2021-06-03 Jeremy HarrisTestsuite: use higher-spec certs, for more-recent GnuTL...
2021-05-28 Jeremy Harristidying
2021-05-28 Jeremy HarrisUpdate testcase output to match newly applied default...
2021-05-28 Jeremy HarrisFix testsuite output for DB cases
2021-05-28 Jeremy Harristidying
2021-05-28 Jeremy HarrisLogging: avoid pause during log-open under testsuite
2021-05-28 Jeremy HarrisFix dmarc build
2021-05-28 Jeremy HarrisDocs: enhance section on redirect router :defer: &...
2021-05-27 Heiko Schlittermann... Merge branch 'qualys-2020'
2021-05-27 Heiko Schlittermann... Fix BDAT issue for body w/o trailing CRLF (again Bug...
2021-05-27 Heiko Schlittermann... testsuite: reproduce BDAT with missing eol (Bug 1974)
2021-05-27 Heiko Schlittermann... Cleanup docs on cve-2020-qualys, point to the Exim...
2021-05-27 Heiko Schlittermann... rewrite: revert to unchecked result of parse_extract_ad...
2021-05-27 Heiko Schlittermann... Honour the outcome of parse_extract_address(), testsuit...
2021-05-27 Heiko Schlittermann... Update upgrade notes and source about use of seteuid()
2021-05-27 Qualys Security... CVE-2020-28007: Link attack in Exim's log directory
2021-05-27 Heiko Schlittermann... CVE-2020-28016: Heap out-of-bounds write in parse_fix_p...
2021-05-27 Heiko Schlittermann... SECURITY: Avoid modification of constant data in dkim...
2021-05-27 Heiko Schlittermann... SECURITY: Leave a clean smtp_out input buffer even...
2021-05-27 Qualys Security... SECURITY: Always exit when LOG_PANIC_DIE is set
2021-05-27 Qualys Security... CVE-2020-28012: Missing close-on-exec flag for privileg...
2021-05-27 Qualys Security... CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
2021-05-27 Qualys Security... CVE-2020-28009: Integer overflow in get_stdinput()
2021-05-27 Qualys Security... CVE-2020-28015+28021: New-line injection into spool...
2021-05-27 Heiko Schlittermann... CVE-2020-28026: Line truncation and injection in spool_...
2021-05-27 Heiko Schlittermann... CVE-2020-28022: Heap out-of-bounds read and write in...
2021-05-27 Heiko Schlittermann... CVE-2020-28017: Integer overflow in receive_add_recipient()
2021-05-27 Heiko Schlittermann... SECURITY: Refuse negative and large store allocations
2021-05-27 Heiko Schlittermann... CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
2021-05-27 Qualys Security... CVE-2020-28011: Heap buffer overflow in queue_run()
2021-05-27 Heiko Schlittermann... CVE-2020-28010: Heap out-of-bounds write in main()
2021-05-27 Qualys Security... CVE-2020-28018: Use-after-free in tls-openssl.c
2021-05-27 Qualys Security... CVE-2020-28025: Heap out-of-bounds read in pdkim_finish...
2021-05-27 Heiko Schlittermann... CVE-2020-28014, CVE-2021-27216: PID file handling
2021-05-27 Heiko Schlittermann... Add priv.c: reworked version of priv dropping code
2021-05-27 Heiko Schlittermann... CVE-2020-28008: Assorted attacks in Exim's spool directory
2021-05-27 Jeremy HarrisCVE-2020-28019: Failure to reset function pointer after...
2021-05-27 Heiko Schlittermann... SECURITY: smtp_out: Leave a clean input buffer, even...
2021-05-27 Heiko Schlittermann... SECURITY: Avoid modification of constant data
2021-05-27 Heiko Schlittermann... SECURITY: Avoid memory corruption in dkim handling
2021-05-27 Heiko Schlittermann... SECURITY: Avoid decrement of dkim_collect_input if...
2021-05-27 Heiko Schlittermann... SECURITY: Check overrun rcpt_count integer
2021-05-27 Heiko Schlittermann... SECURITY: Fix safeguard against upward traversal in...
2021-05-27 Heiko Schlittermann... SECURITY: Don't miss the very last byte when reading...
2021-05-27 Heiko Schlittermann... SECURITY: off-by-one in smtp transport (read response)
2021-05-27 Phil PennockStart documenting the things we changed incompatibly.
2021-05-27 Phil PennockInline four often-called new functions
2021-05-27 Jeremy HarrisFixes for compilation
2021-05-27 Phil PennockSECURITY: rework BDAT receive function handling
2021-05-27 Phil PennockSECURITY: fix SMTP verb option parsing
2021-05-27 Phil PennockSECURITY: Avoid integer overflow on too many recipients
2021-05-27 Phil PennockSECURITY: default recipients_max to 50,000
2021-05-27 Phil PennockSECURITY: a second negative store guard
2021-05-27 Phil PennockSECURITY: refuse too small store allocations
2021-05-27 Phil PennockSECURITY: fix Qualys CVE-2020-PFPZA
2021-05-27 Phil PennockSECURITY: fix Qualys CVE-2020-PFPSN
2021-05-27 Phil PennockSECURITY: fix Qualys CVE-2020-SLCWD
2021-05-27 Phil PennockSECURITY: pick up more argv length checks
2021-05-27 Phil PennockSECURITY: length limits on many cmdline options
2021-05-27 Phil PennockRe-ran the conversion of all DH parameters
2021-05-27 Simon Arlottgen_pkcs3: Terminate string before calling BH_hex2bn()
2021-05-27 Phil PennockDefault config: reject on too many bad RCPT
2021-05-27 Heiko Schlittermann... Handle SIGINT as we do with SIGTERM
2021-05-27 Heiko Schlittermann... Enforce pid_file_path start at "/"
2021-05-27 Heiko Schlittermann... testsuite: tidy logs/4520 and confs/4520
next