-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.493 2007/03/13 15:32:47 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.520 2007/06/27 11:01:51 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
+Exim version 4.68
+-----------------
+
+PH/01 Another patch from the Sieve maintainer.
+
+PH/02 When an IPv6 address is converted to a string for single-key lookup
+ in an address list (e.g. for an item such as "net24-dbm;/net/works"),
+ dots are used instead of colons so that keys in lsearch files need not
+ contain colons. This was done some time before quoting was made available
+ in lsearch files. However, iplsearch files do require colons in IPv6 keys
+ (notated using the quote facility) so as to distinguish them from IPv4
+ keys. This meant that lookups for IP addresses in host lists did not work
+ for iplsearch lookups.
+
+ This has been fixed by arranging for IPv6 addresses to be expressed with
+ colons if the lookup type is iplsearch. This is not incompatible, because
+ previously such lookups could never work.
+
+ The situation is now rather anomolous, since one *can* have colons in
+ ordinary lsearch keys. However, making the change in all cases is
+ incompatible and would probably break a number of configurations.
+
+TK/01 Change PRVS address formatting scheme to reflect latests BATV draft
+ version.
+
+MH/01 The "spam" ACL condition code contained a sscanf() call with a %s
+ conversion specification without a maximum field width, thereby enabling
+ a rogue spamd server to cause a buffer overflow. While nobody in their
+ right mind would setup Exim to query an untrusted spamd server, an
+ attacker that gains access to a server running spamd could potentially
+ exploit this vulnerability to run arbitrary code as the Exim user.
+
+TK/02 Bugzilla 502: Apply patch to make the SPF-Received: header use
+ $primary_hostname instead of what libspf2 thinks the hosts name is.
+
+MH/02 The dsearch lookup now uses lstat(2) instead of stat(2) to look for
+ a directory entry by the name of the lookup key. Previously, if a
+ symlink pointed to a non-existing file or a file in a directory that
+ Exim lacked permissions to read, a lookup for a key matching that
+ symlink would fail. Now it is enough that a matching directory entry
+ exists, symlink or not. (Bugzilla 503.)
+
+PH/03 The body_linecount and body_zerocount variables are now exported in the
+ local_scan API.
+
+PH/04 Added the $dnslist_matched variable.
+
+PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client.
+ This means they are set thereafter only if the connection becomes
+ encrypted.
+
+PH/06 Added the client_condition to authenticators so that some can be skipped
+ by clients under certain conditions.
+
+PH/07 The error message for a badly-placed control=no_multiline_responses left
+ "_responses" off the end of the name.
+
+PH/08 Added -Mvc to output a copy of a message in RFC 2822 format.
+
+PH/09 Tidied the code for creating ratelimiting keys, creating them explicitly
+ (without spaces) instead of just copying the configuration text.
+
+PH/10 Added the /noupdate option to the ratelimit ACL condition.
+
+PH/11 Added $max_received_linelength.
+
+PH/12 Added +ignore_defer and +include_defer to host lists.
+
+PH/13 Installed PCRE version 7.2. This needed some changes because of the new
+ way in which PCRE > 7.0 is built.
+
+PH/14 Implemented queue_only_load_latch.
+
+
Exim version 4.67
-----------------
PH/37 If a message is not accepted after it has had an id assigned (e.g.
because it turns out to be too big or there is a timeout) there is no
- "Completed" line in the log. When such a message was selected by exigrep,
- it was listed as "not completed". Such messages can be identified by the
- lack of a "<=" line in the log, and they are now listed as "not
- accepted".
+ "Completed" line in the log. When some messages of this type were
+ selected by exigrep, they were listed as "not completed". Others were
+ picked up by some special patterns. I have improved the selection
+ criteria to be more general.
PH/38 The host_find_failed option in the manualroute router can now be set
to "ignore", to completely ignore a host whose IP address cannot be
found. If all hosts are ignored, the behaviour is controlled by the new
host_all_ignored option.
+PH/39 In a list of hosts for manualroute, if one item (either because of multi-
+ homing or because of multiple MX records with /mx) generated more than
+ one IP address, and the following item turned out to be the local host,
+ all the secondary addresses of the first item were incorrectly removed
+ from the list, along with the local host and any following hosts (which
+ is what is supposed to happen).
+
+PH/40 When Exim receives a message, it writes the login name, uid, and gid of
+ whoever called Exim into the -H file. In the case of the daemon it was
+ behaving confusingly. When first started, it used values for whoever
+ started the daemon, but after a SIGHUP it used the Exim user (because it
+ calls itself on a restart). I have changed the code so that it now always
+ uses the Exim user.
+
+PH/41 (Following a suggestion from Tony Finch) If all the RCPT commands in a
+ message are rejected with the same error (e.g. no authentication or bad
+ sender address), and a DATA command is nevertheless sent (as can happen
+ with PIPELINING or a stupid MUA), the error message that was given to the
+ RCPT commands is included in the rejection of the DATA command. This is
+ intended to be helpful for MUAs that show only the final error to their
+ users.
+
+PH/42 Another patch from the Sieve maintainer.
+
+SC/02 Eximstats - Differentiate between permanent and temporary rejects.
+ Eximstats - Fixed some broken HTML links and added missing column headers
+ (Jez Hancock).
+ Eximstats - Fixed Grand Total Summary Domains, Edomains, and Email
+ columns for Rejects, Temp Rejects, Ham, and Spam rows.
+
+SC/03 Eximstats - V1.58 Fix to get <> and blackhole to show in edomain tables.
+
+PH/43 Yet another patch from the Sieve maintainer.
+
+PH/44 I found a way to check for a TCP/IP connection going away before sending
+ the response to the final '.' that terminates a message, but only in the
+ case where the client has not sent further data following the '.'
+ (unfortunately, this is allowed). However, in many cases there won't be
+ any further data because there won't be any more messages to send. A call
+ to select() can be used: if it shows that the input is "ready", there is
+ either input waiting, or the socket has been closed. An attempt to read
+ the next input character can distinguish the two cases. Previously, Exim
+ would have sent an OK response which the client would never have see.
+ This could lead to message repetition. This fix should cure that, at
+ least in a lot of common cases.
+
+PH/45 Do not advertise STARTTLS in response to HELP unless it would be
+ advertised in response to EHLO.
+
Exim version 4.66
-----------------