X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/135e949699b889c8c9088bb05f810d44adc74246..3709254fd0fd46f0efa74fe85c80260958b9c51e:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index ecb6b33a9..cf104e7f1 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -126,7 +126,7 @@ JH/18 Prebuild the data-structure for "builtin" macros, for faster startup. JH/19 Bug 2141: Use the full-complex API for Berkeley DB rather than the legacy- compatible one, to avoid the (poorly documented) possibility of a config file in the working directory redirecting the DB files, possibly correpting - some existing file. + some existing file. CVE-2017-10140 assigned for BDB. JH/20 Bug 2147: Do not defer for a verify-with-callout-and-random which is not cache-hot. Previously, although the result was properly cached, the @@ -141,6 +141,66 @@ JH/22 Retire historical build files to an "unsupported" subdir. These are JH/23 DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field, if present. Previously it was ignored. +JH/24 Start using specified-initialisers in C structure init coding. This is + a C99 feature (it's 2017, so now considered safe). + +JH/25 Use one-bit bitfields for flags in the "addr" data structure. Previously + if was a fixed-sized field and bitmask ops via macros; it is now more + extensible. + +PP/07 GitHub PR 56: Apply MariaDB build fix. + Patch provided by Jaroslav Å karvada. + +PP/08 Bug 2161: Fix regression in sieve quoted-printable handling introduced + during Coverity cleanups [4.87 JH/47] + Diagnosis and fix provided by Michael Fischer v. Mollard. + +JH/26 Fix DKIM bug: when the pseudoheader generated for signing was exactly + the right size to place the terminating semicolon on its own folded + line, the header hash was calculated to an incorrect value thanks to + the (relaxed) space the fold became. + +HS/02 Fix Bug 2130: large writes from the transport subprocess where chunked + and confused the parent. + +JH/27 Fix SOCKS bug: an unitialized pointer was deref'd by the transport process + which could crash as a result. This could lead to undeliverable messages. + +JH/28 Logging: "next input sent too soon" now shows where input was truncated + for log purposes. + +JH/29 Fix queue_run_in_order to ignore the PID portion of the message ID. This + matters on fast-turnover and PID-randomising systems, which were getting + out-of-order delivery. + +JH/30 Fix a logging bug on aarch64: an unsafe routine was previously used for + a possibly-overlapping copy. The symptom was that "Remote host closed + connection in response to HELO" was logged instead of the actual 4xx + error for the HELO. + +JH/31 Fix CHUNKING code to properly flush the unwanted chunk after an error. + Previously only that bufferd was discarded, resulting in SYMTP command + desynchronisation. + +JH/32 DKIM: when a message has multiple signatures matching an identity given + in dkim_verify_signers, run the dkim acl once for each. Previously only + one run was done. Bug 2189. + +JH/33 Downgrade an unfound-list name (usually a typo in the config file) from + "panic the current process" to "deliberately defer". The panic log is + still written with the problem list name; the mail and reject logs now + get a temp-reject line for the message that was being handled, saying + something like "domains check lookup or other defer". The SMTP 451 + message is still "Temporary local problem". + +JH/34 Bug 2199: Fix a use-after-free while reading smtp input for header lines. + A crafted sequence of BDAT commands could result in in-use memory beeing + freed. CVE-2017-16943. + +HS/03 Bug 2201: Fix checking for leading-dot on a line during headers reading + from SMTP input. Previously it was always done; now only done for DATA + and not BDAT commands. CVE-2017-16944. + Exim version 4.89 -----------------