X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/29f89cad0cf7be1977f6ed36d27ac9b651aec9e2..64f2600a56e0201f23dd3496a499fff6ef22c0c0:/doc/doc-txt/ChangeLog?ds=inline diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 61b6ac275..31bd94acc 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,8 +1,80 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.479 2007/02/14 14:59:01 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.519 2007/06/26 11:16:54 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.68 +----------------- + +PH/01 Another patch from the Sieve maintainer. + +PH/02 When an IPv6 address is converted to a string for single-key lookup + in an address list (e.g. for an item such as "net24-dbm;/net/works"), + dots are used instead of colons so that keys in lsearch files need not + contain colons. This was done some time before quoting was made available + in lsearch files. However, iplsearch files do require colons in IPv6 keys + (notated using the quote facility) so as to distinguish them from IPv4 + keys. This meant that lookups for IP addresses in host lists did not work + for iplsearch lookups. + + This has been fixed by arranging for IPv6 addresses to be expressed with + colons if the lookup type is iplsearch. This is not incompatible, because + previously such lookups could never work. + + The situation is now rather anomolous, since one *can* have colons in + ordinary lsearch keys. However, making the change in all cases is + incompatible and would probably break a number of configurations. + +TK/01 Change PRVS address formatting scheme to reflect latests BATV draft + version. + +MH/01 The "spam" ACL condition code contained a sscanf() call with a %s + conversion specification without a maximum field width, thereby enabling + a rogue spamd server to cause a buffer overflow. While nobody in their + right mind would setup Exim to query an untrusted spamd server, an + attacker that gains access to a server running spamd could potentially + exploit this vulnerability to run arbitrary code as the Exim user. + +TK/02 Bugzilla 502: Apply patch to make the SPF-Received: header use + $primary_hostname instead of what libspf2 thinks the hosts name is. + +MH/02 The dsearch lookup now uses lstat(2) instead of stat(2) to look for + a directory entry by the name of the lookup key. Previously, if a + symlink pointed to a non-existing file or a file in a directory that + Exim lacked permissions to read, a lookup for a key matching that + symlink would fail. Now it is enough that a matching directory entry + exists, symlink or not. (Bugzilla 503.) + +PH/03 The body_linecount and body_zerocount variables are now exported in the + local_scan API. + +PH/04 Added the $dnslist_matched variable. + +PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client. + This means they are set thereafter only if the connection becomes + encrypted. + +PH/06 Added the client_condition to authenticators so that some can be skipped + by clients under certain conditions. + +PH/07 The error message for a badly-placed control=no_multiline_responses left + "_responses" off the end of the name. + +PH/08 Added -Mvc to output a copy of a message in RFC 2822 format. + +PH/09 Tidied the code for creating ratelimiting keys, creating them explicitly + (without spaces) instead of just copying the configuration text. + +PH/10 Added the /noupdate option to the ratelimit ACL condition. + +PH/11 Added $max_received_linelength. + +PH/12 Added +ignore_defer and +include_defer to host lists. + +PH/13 Installed PCRE version 7.2. This needed some changes because of the new + way in which PCRE > 7.0 is built. + + Exim version 4.67 ----------------- @@ -106,6 +178,117 @@ PH/25 Applied Magnus Holmgren's patch for ${addresses, ${map, ${filter, and SC/02 Applied Daniel Tiefnig's patch to improve the '($parent) =' pattern match. +PH/26 Added a "continue" ACL modifier that does nothing, for the benefit of its + expansion side effects. + +PH/27 When a message times out after an over-quota error from an Exim-imposed + quota, the bounce message says "mailbox is full". This message was not + being given when it was a system quota that was exceeded. It now should + be the same. + +MH/03 Made $recipients available in local_scan(). local_scan() already has + better access to the recipient list through recipients_list[], but + $recipients can be useful in postmaster-provided expansion strings. + +PH/28 The $smtp_command and $smtp_command_argument variables were not correct + in the case of a MAIL command with additional options following the + address, for example: MAIL FROM: SIZE=1234. The option settings + were accidentally chopped off. + +PH/29 SMTP synchronization checks are implemented when a command is read - + there is a check that no more input is waiting when there shouldn't be + any. However, for some commands, a delay in an ACL can mean that it is + some time before the response is written. In this time, more input might + arrive, invalidly. So now there are extra checks after an ACL has run for + HELO/EHLO and after the predata ACL, and likewise for MAIL and RCPT when + pipelining has not been advertised. + +PH/30 MH's patch to allow iscntrl() characters to be list separators. + +PH/31 Unlike :fail:, a custom message specified with :defer: was not being + returned in the SMTP response when smtp_return_error_details was false. + This has been fixed. + +PH/32 Change the Dovecot authenticator to use read() and write() on the socket + instead of the C I/O that was originally supplied, because problems were + reported on Solaris. + +PH/33 Compile failed with OpenSSL 0.9.8e. This was due to a coding error in + Exim which did not show up earlier: it was assuming that a call to + SSL_CTX_set_info_callback() might give an error value. In fact, there is + no error. In previous releases of OpenSSL, SSL_CTX_set_info_callback() + was a macro that became an assignment, so it seemed to work. This has + changed to a proper function call with a void return, hence the compile + error. Exim's code has been fixed. + +PH/34 Change HDA_SIZE in oracle.c from 256 to 512. This is needed for 64-bit + cpus. + +PH/35 Applied a patch from the Sieve maintainer which fixes a bug in "notify". + +PH/36 Applied John Jetmore's patch to add -v functionality to exigrep. + +PH/37 If a message is not accepted after it has had an id assigned (e.g. + because it turns out to be too big or there is a timeout) there is no + "Completed" line in the log. When some messages of this type were + selected by exigrep, they were listed as "not completed". Others were + picked up by some special patterns. I have improved the selection + criteria to be more general. + +PH/38 The host_find_failed option in the manualroute router can now be set + to "ignore", to completely ignore a host whose IP address cannot be + found. If all hosts are ignored, the behaviour is controlled by the new + host_all_ignored option. + +PH/39 In a list of hosts for manualroute, if one item (either because of multi- + homing or because of multiple MX records with /mx) generated more than + one IP address, and the following item turned out to be the local host, + all the secondary addresses of the first item were incorrectly removed + from the list, along with the local host and any following hosts (which + is what is supposed to happen). + +PH/40 When Exim receives a message, it writes the login name, uid, and gid of + whoever called Exim into the -H file. In the case of the daemon it was + behaving confusingly. When first started, it used values for whoever + started the daemon, but after a SIGHUP it used the Exim user (because it + calls itself on a restart). I have changed the code so that it now always + uses the Exim user. + +PH/41 (Following a suggestion from Tony Finch) If all the RCPT commands in a + message are rejected with the same error (e.g. no authentication or bad + sender address), and a DATA command is nevertheless sent (as can happen + with PIPELINING or a stupid MUA), the error message that was given to the + RCPT commands is included in the rejection of the DATA command. This is + intended to be helpful for MUAs that show only the final error to their + users. + +PH/42 Another patch from the Sieve maintainer. + +SC/02 Eximstats - Differentiate between permanent and temporary rejects. + Eximstats - Fixed some broken HTML links and added missing column headers + (Jez Hancock). + Eximstats - Fixed Grand Total Summary Domains, Edomains, and Email + columns for Rejects, Temp Rejects, Ham, and Spam rows. + +SC/03 Eximstats - V1.58 Fix to get <> and blackhole to show in edomain tables. + +PH/43 Yet another patch from the Sieve maintainer. + +PH/44 I found a way to check for a TCP/IP connection going away before sending + the response to the final '.' that terminates a message, but only in the + case where the client has not sent further data following the '.' + (unfortunately, this is allowed). However, in many cases there won't be + any further data because there won't be any more messages to send. A call + to select() can be used: if it shows that the input is "ready", there is + either input waiting, or the socket has been closed. An attempt to read + the next input character can distinguish the two cases. Previously, Exim + would have sent an OK response which the client would never have see. + This could lead to message repetition. This fix should cure that, at + least in a lot of common cases. + +PH/45 Do not advertise STARTTLS in response to HELP unless it would be + advertised in response to EHLO. + Exim version 4.66 -----------------