X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/67e87fcf7078bb339e8ea1a81e9a12fa1c0687c8..e2e3255a028f500210e24279453b6d1487841a92:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 12a28dd20..cecd2a038 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,6 +1,25 @@ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.88 +----------------- +JH/01 Use SIZE on MAIL FROM in a cutthrough connection, if the destination + supports it and a size is available (ie. the sending peer gave us one). + +JH/02 The obsolete acl condition "demime" is removed (finally, after ten + years of being deprecated). The replacements are the ACLs + acl_smtp_mime and acl_not_smtp_mime. + +JH/03 Upgrade security requirements imposed for hosts_try_dane: previously + a downgraded non-dane trust-anchor for the TLS connection (CA-style) + or even an in-clear connection were permitted. Now, if the host lookup + was dnssec and dane was requested then the host is only used if the + TLSA lookup succeeds and is dnssec. Further hosts (eg. lower priority + MXs) will be tried (for hosts_try_dane though not for hosts_require_dane) + if one fails this test. + This means that a poorly-configured remote DNS will make it incommunicado; + but it protects against a DNS-interception attack on it. + Exim version 4.87 ----------------- @@ -164,10 +183,41 @@ JH/38 Fix cutthrough bug with body lines having a single dot. The dot was received - but deduplicating mailstores were liable to retain only the initial truncated version. -JH/39 Bug 1781: Fix use of private-keys having trailing '=' in the base-64. +JH/39 Bug 1781: Fix use of DKIM private-keys having trailing '=' in the base-64. JH/40 Fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS. +JH/41 Bug 1792: Fix selection of headers to sign for DKIM: bottom-up. While + we're in there, support oversigning also; bug 1309. + +JH/42 Bug 1796: Fix error logged on a malware scanner connection failure. + +HS/04 Add support for keep_environment and add_environment options. + +JH/43 Tidy coding issues detected by gcc --fsanitize=undefined. Some remain; + either intentional arithmetic overflow during PRNG, or testing config- + induced overflows. + +JH/44 Bug 1800: The combination of a -bhc commandline option and cutthrough + delivery resulted in actual delivery. Cancel cutthrough before DATA + stage. + +JH/45 Fix cutthrough, when connection not opened by verify and target hard- + rejects a recipient: pass the reject to the originator. + +JH/46 Multiple issues raised by Coverity. Some were obvious or plausible bugs. + Many were false-positives and ignorable, but it's worth fixing the + former class. + +JH/47 Fix build on HP-UX and older Solaris, which need (un)setenv now also + for the new environment-manipulation done at startup. Move the routines + from being local to tls.c to being global via the os.c file. + +JH/48 Bug 1807: Fix ${extract } for the numeric/3-string case. While preparsing + an extract embedded as result-arg for a map, the first arg for extract + is unavailable so we cannot tell if this is a numbered or keyed + extraction. Accept either. + Exim version 4.86 @@ -289,6 +339,8 @@ JH/35 Bug 1642: Fix support of $spam_ variables at delivery time. Was JH/36 Bug 1659: Guard checking of input smtp commands again pseudo-command added for tls authenticator. +HS/03 Add perl_taintmode main config option + Exim version 4.85 -----------------