X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/084c1d8c14da86888bbffc31a54246dc6e2e8147..f1a29782e1db8bae2bdadf1335c3687cb8b820f6:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 2b3ec8573..e782b9ee3 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -3,6 +3,15 @@ $Cambridge: exim/doc/doc-txt/ChangeLog,v 1.632 2010/06/12 15:21:25 jetmore Exp $ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.77 +----------------- + +PP/01 Solaris build fix for Oracle's LDAP libraries. + Bugzilla 1109, patch from Stephen Usher. + +TF/01 HP/UX build fix: avoid arithmetic on a void pointer. + + Exim version 4.76 ----------------- @@ -18,6 +27,29 @@ PP/04 New "dns_use_edns0" global option. PP/05 Don't segfault on misconfiguration of ref:name exim-user as uid. Bugzilla 1098. +PP/06 Extra paranoia around buffer usage at the STARTTLS transition. + nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316 + +TK/01 Updated PolarSSL code to 0.14.2. + Bugzilla 1097. Patch from Andreas Metzler. + +PP/07 Catch divide-by-zero in ${eval:...}. + Fixes bugzilla 1102. + +PP/08 Condition negation of bool{}/bool_lax{} did not negate. Fixed. + Bugzilla 1104. + +TK/02 Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a + format-string attack -- SECURITY: remote arbitrary code execution. + +TK/03 SECURITY - DKIM signature header parsing was double-expanded, second + time unintentionally subject to list matching rules, letting the header + cause arbitrary Exim lookups (of items which can occur in lists, *not* + arbitrary string expansion). This allowed for information disclosure. + +PP/09 Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to + INT_MIN/-1 -- value coerced to INT_MAX. + Exim version 4.75 ----------------- @@ -239,7 +271,7 @@ DW/26 Set FD_CLOEXEC on SMTP sockets after forking in the daemon, to ensure PP/27 Bugzilla 1047: change the default for system_filter_user to be the Exim run-time user, instead of root. -PP/28 Add WHITELIST_D_MACROS option to let some macros be overriden by the +PP/28 Add WHITELIST_D_MACROS option to let some macros be overridden by the Exim run-time user without dropping privileges. DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the