X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/b1770b6e4e865e3422e18e903b8e918df8802aa0..f53d7cf7c6d5af5dd7c5c040e641b665e3d8f7e7:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 2bcdea8e9..8c7dc7230 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -65,6 +65,8 @@ TK/01 Bugzilla 1239 - fix DKIM verification when signature was not inserted JH/01 Bugzilla 660 - Multi-valued attributes from ldap now parseable as a comma-sep list; embedded commas doubled. +JH/02 Refactored ACL "verify =" logic to table-driven dispatch. + PP/15 LDAP: Check for errors of TLS initialisation, to give correct diagnostics. Report and patch from Dmitry Banschikov. @@ -99,7 +101,7 @@ PP/23 Added PCRE_CONFIG=yes support to Makefile for using pcre-config to PP/24 Fixed headers_only on smtp transports (was not sending trailing dot). Bugzilla 1246, report and most of solution from Tomasz Kusy. -JH/02 ${eval } now uses 64-bit and supports a "g" suffix (like to "k" and "m"). +JH/03 ${eval } now uses 64-bit and supports a "g" suffix (like to "k" and "m"). This may cause build issues on older platforms. PP/25 Revamped GnuTLS support, passing tls_require_ciphers to @@ -111,6 +113,41 @@ PP/25 Revamped GnuTLS support, passing tls_require_ciphers to PP/26 Added EXPERIMENTAL_OCSP for OpenSSL. PP/27 Applied dnsdb SPF support patch from Janne Snabb. + Applied second patch from Janne, implementing suggestion to default + multiple-strings-in-record handling to match SPF spec. + +JH/04 Added expansion variable $tod_epoch_l for a higher-precision time. + +PP/28 Fix DCC dcc_header content corruption (stack memory referenced, + read-only, out of scope). + Patch from Wolfgang Breyha, report from Stuart Northfield. + +PP/29 Fix three issues highlighted by clang analyser static analysis. + Only crash-plausible issue would require the Cambridge-specific + iplookup router and a misconfiguration. + Report from Marcin Mirosław. + +PP/30 Another attempt to deal with PCRE_PRERELEASE, this one less buggy. + +PP/31 %D in printf continues to cause issues (-Wformat=security), so for + now guard some of the printf checks behind WANT_DEEPER_PRINTF_CHECKS. + As part of this, removing so much warning spew let me fix some minor + real issues in debug logging. + +PP/32 GnuTLS was always using default tls_require_ciphers, due to a missing + assignment on my part. Fixed. + +PP/33 Added tls_dh_max_bits option, defaulting to current hard-coded limit + of NSS, for GnuTLS/NSS interop. Problem root cause diagnosis by + Janne Snabb (who went above and beyond: thank you). + +PP/34 Validate tls_require_ciphers on startup, since debugging an invalid + string otherwise requires a connection and a bunch more work and it's + relatively easy to get wrong. Should also expose TLS library linkage + problems. + +PP/35 Pull in on Linux, for some portability edge-cases of + 64-bit ${eval} (JH/03). Exim version 4.77