X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/035c7f1e7b6996382634129129d4e14826191148..a3c8643131ef2a3f8100de7027be6bdf4e2ef3af:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index e309317af..12369e434 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,6 +1,33 @@ Change log file for Exim from version 4.21 ------------------------------------------- + +Exim version 4.83 +----------------- + +TF/01 Correctly close the server side of TLS when forking for delivery. + + When a message was received over SMTP with TLS, Exim failed to clear up + the incoming connection properly after forking off the child process to + deliver the message. In some situations the subsequent outgoing + delivery connection happened to have the same fd number as the incoming + connection previously had. Exim would try to use TLS and fail, logging + a "Bad file descriptor" error. + +TF/02 Portability fix for building lookup modules on Solaris when the xpg4 + utilities have not been installed. + +JH/01 Fix memory-handling in use of acl as a conditional; avoid free of + temporary space as the ACL may create new global variables. + +TL/01 LDAP support uses per connection or global context settings, depending + upon the detected version of the libraries at build time. + +TL/02 Experimental Proxy Protocol support: allows a proxied SMTP connection + to extract and use the src ip:port in logging and expansions as if it + were a direct connection from the outside internet. + + Exim version 4.82 ----------------- @@ -44,6 +71,11 @@ TL/04 Bugzilla 1281 - Spec typo. TL/05 Bugzilla 1285 - Spec omission, fix docbook errors for spec.txt creation. +TL/06 Add Experimental DMARC support using libopendmarc libraries. + +TL/07 Fix an out of order global option causing a segfault. Reported to dev + mailing list by by Dmitry Isaikin. + JH/01 Bugzilla 1201 & 304 - New cutthrough-delivery feature, with TLS support. JH/02 Support "G" suffix to numbers in ${if comparisons. @@ -55,7 +87,9 @@ NM/01 Bugzilla 1197 - Spec typo JH/03 Add expansion operators ${listnamed:name} and ${listcount:string} -PP/09 Add gnutls_enable_pkcs11 option. +PP/09 Add gnutls_allow_auto_pkcs11 option (was originally called + gnutls_enable_pkcs11, but renamed to more accurately indicate its + function. PP/10 Let Linux makefile inherit CFLAGS/CFLAGS_DYNAMIC. Pulled from Debian 30_dontoverridecflags.dpatch by Andreas Metzler. @@ -82,6 +116,7 @@ JH/10 Add 8bitmime log_selector, for 8bitmime status on the received line. PP/11 SECURITY: protect DKIM DNS decoding from remote exploit. CVE-2012-5671 + (nb: this is the same fix as in Exim 4.80.1) JH/11 Add A= logging on delivery lines, and a client_set_id option on authenticators. @@ -171,6 +206,91 @@ JH/14 SMTP PRDR (http://www.eric-a-hall.com/specs/draft-hall-prdr-00.txt). PP/16 Fix problems caused by timeouts during quit ACLs trying to double fclose(). Diagnosis by Todd Lyons. +PP/17 Update configure.default to handle IPv6 localhost better. + Patch by Alain Williams (plus minor tweaks). + Bugzilla 880. + +PP/18 OpenSSL made graceful with empty tls_verify_certificates setting. + This is now consistent with GnuTLS, and is now documented: the + previous undocumented portable approach to treating the option as + unset was to force an expansion failure. That still works, and + an empty string is now equivalent. + +PP/19 Renamed DNSSEC-enabling option to "dns_dnssec_ok", to make it + clearer that Exim is using the DO (DNSSEC OK) EDNS0 resolver flag, + not performing validation itself. + +PP/20 Added force_command boolean option to pipe transport. + Patch from Nick Koston, of cPanel Inc. + +JH/15 AUTH support on callouts (and hence cutthrough-deliveries). + Bugzilla 321, 823. + +TF/04 Added udpsend ACL modifer and hexquote expansion operator + +PP/21 Fix eximon continuous updating with timestamped log-files. + Broken in a format-string cleanup in 4.80, missed when I repaired the + other false fix of the same issue. + Report and fix from Heiko Schlichting. + Bugzilla 1363. + +PP/22 Guard LDAP TLS usage against Solaris LDAP variant. + Report from Prashanth Katuri. + +PP/23 Support safari_ecdhe_ecdsa_bug for openssl_options. + It's SecureTransport, so affects any MacOS clients which use the + system-integrated TLS libraries, including email clients. + +PP/24 Fix segfault from trying to fprintf() to a NULL stdio FILE* if + using a MIME ACL for non-SMTP local injection. + Report and assistance in diagnosis by Warren Baker. + +TL/08 Adjust exiqgrep to be case-insensitive for sender/receiver. + +JH/16 Fix comparisons for 64b. Bugzilla 1385. + +TL/09 Add expansion variable $authenticated_fail_id to keep track of + last id that failed so it may be referenced in subsequent ACL's. + +TL/10 Bugzilla 1375 - Prevent TLS rebinding in ldap. Patch provided by + Alexander Miroch. + +TL/11 Bugzilla 1382 - Option ldap_require_cert overrides start_tls + ldap library initialization, allowing self-signed CA's to be + used. Also properly sets require_cert option later in code by + using NULL (global ldap config) instead of ldap handle (per + session). Bug diagnosis and testing by alxgomz. + +TL/12 Enhanced documentation in the ratelimit.pl script provided in + the src/util/ subdirectory. + +TL/13 Bug 1301 - Imported transport SQL logging patch from Axel Rau + renamed to Transport Post Delivery Action by Jeremy Harris, as + EXPERIMENTAL_TPDA. + +TL/14 Bugzilla 1217 - Redis lookup support has been added. It is only enabled + when Exim is compiled with EXPERIMENTAL_REDIS. A new config variable + redis_servers = needs to be configured which will be used by the redis + lookup. Patch from Warren Baker, of The Packet Hub. + +TL/15 Fix exiqsumm summary for corner case. Patch provided by Richard Hall. + +TL/16 Bugzilla 1289 - Clarify host/ip processing when have errors looking up a + hostname or reverse DNS when processing a host list. Used suggestions + from multiple comments on this bug. + +TL/17 Bugzilla 1057 - Multiple clamd TCP targets patch from Mark Zealey. + +TL/18 Had previously added a -CONTINUE option to runtest in the test suite. + Missed a few lines, added it to make the runtest require no keyboard + interaction. + +TL/19 Bugzilla 1402 - Test 533 fails if any part of the path to the test suite + contains upper case chars. Make router use caseful_local_part. + +TL/20 Bugzilla 1400 - Add AVOID_GNUTLS_PKCS11 build option. Allows GnuTLS + support when GnuTLS has been built with p11-kit. + Exim version 4.80.1 -------------------