X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/d2ee61144850b8e20cbf9017e94e2184e33fc0f6..90b6341f7282beed1175e942a113c30c212425c9:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 5c72b0ca8..07501bb6c 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,8 +1,461 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.490 2007/03/13 10:05:16 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.632 2010/06/12 15:21:25 jetmore Exp $ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.73 +----------------- + +PP/01 Date: & Message-Id: revert to normally being appended to a message, + only prepend for the Resent-* case. Fixes regression introduced in + Exim 4.70 by NM/22 for Bugzilla 607. + +PP/02 Include check_rfc2047_length in configure.default because we're seeing + increasing numbers of administrators be bitten by this. + +JJ/01 Added DISABLE_DKIM and comment to src/EDITME + +PP/03 Bugzilla 994: added openssl_options main configuration option. + +PP/04 Bugzilla 995: provide better SSL diagnostics on failed reads. + +PP/05 Bugzilla 834: provide a permit_coredump option for pipe transports. + +PP/06 Adjust NTLM authentication to handle SASL Initial Response. + +PP/07 If TLS negotiated an anonymous cipher, we could end up with SSL but + without a peer certificate, leading to a segfault because of an + assumption that peers always have certificates. Be a little more + paranoid. Problem reported by Martin Tscholak. + +PP/08 Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content + filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes + NB: ClamAV planning to remove STREAM in "middle of 2010". + CL also introduces -bmalware, various -d+acl logging additions and + more caution in buffer sizes. + +PP/09 Implemented reverse_ip expansion operator. + +PP/10 Bugzilla 937: provide a "debug" ACL control. + +PP/11 Bugzilla 922: Documentation dusting, patch provided by John Horne. + +PP/12 Bugzilla 973: Implement --version. + +PP/13 Bugzilla 752: Refuse to build/run if Exim user is root/0. + +PP/14 Build without WITH_CONTENT_SCAN. Path from Andreas Metzler. + +PP/15 Bugzilla 816: support multiple condition rules on Routers. + +PP/16 Add bool_lax{} expansion operator and use that for combining multiple + condition rules, instead of bool{}. Make both bool{} and bool_lax{} + ignore trailing whitespace. + +JJ/02 prevent non-panic DKIM error from being sent to paniclog + +JJ/03 added tcp_wrappers_daemon_name to allow host entries other than + "exim" to be used + +PP/17 Fix malware regression for cmdline scanner introduced in PP/08. + Notification from Dr Andrew Aitchison. + +PP/18 Change ClamAV response parsing to be more robust and to handle ClamAV's + ExtendedDetectionInfo response format. + Notification from John Horne. + +PP/19 OpenSSL 1.0.0a compatibility const-ness change, should be backwards + compatible. + +PP/20 Added a CONTRIBUTING file. Fixed the documentation build to use http: + XSL and documented dependency on system catalogs, with examples of how + it normally works. + +DW/21 Added Valgrind hooks in store.c to help it capture out-of-bounds store + access. + +DW/22 Bugzilla 1044: CVE-2010-4345 - partial fix: restrict default behaviour + of CONFIGURE_OWNER and CONFIGURE_GROUP options to no longer allow a + configuration file which is writeable by the Exim user or group. + +DW/23 Bugzilla 1044: CVE-2010-4345 - part two: extend checks for writeability + of configuration files to cover files specified with the -C option if + they are going to be used with root privileges, not just the default + configuration file. + +DW/24 Bugzilla 1044: CVE-2010-4345 - part three: remove ALT_CONFIG_ROOT_ONLY + option (effectively making it always true). + +DW/25 Add TRUSTED_CONFIG_PREFIX_FILE option to allow alternative configuration + files to be used while preserving root privileges. + +DW/26 Set FD_CLOEXEC on SMTP sockets after forking in the daemon, to ensure + that rogue child processes cannot use them. + +PP/27 Bugzilla 1047: change the default for system_filter_user to be the Exim + run-time user, instead of root. + +PP/28 Add WHITELIST_D_MACROS option to let some macros be overriden by the + Exim run-time user without dropping privileges. + +DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the + result string, instead of calling string_vformat() twice with the same + arguments. + +DW/30 Allow TRUSTED_CONFIG_PREFIX_FILE only for Exim or CONFIGURE_OWNER, not + for other users. Others should always drop root privileges if they use + -C on the command line, even for a whitelisted configure file. + +DW/31 Turn TRUSTED_CONFIG_PREFIX_FILE into TRUSTED_CONFIG_FILE. No prefixes. + + +Exim version 4.72 +----------------- + +JJ/01 installed exipick 20100104.1, adding $max_received_linelength, + $data_path, and $header_path variables; fixed documentation bugs and + typos + +JJ/02 installed exipick 20100222.0, added --input-dir and --finput to allow + exipick to access non-standard spools, including the "frozen" queue + (Finput) + +NM/01 Bugzilla 965: Support mysql stored procedures. + Patch from Alain Williams + +NM/02 Bugzilla 961: Spacing fix (syntax error) on Makefile directives for NetBSD + +NM/03 Bugzilla 955: Documentation fix for max_rcpts. + Patch from Andreas Metzler + +NM/04 Bugzilla 954: Fix for unknown responses from Dovecot authenticator. + Patch from Kirill Miazine + +NM/05 Bugzilla 671: Added umask to procmail example. + +JJ/03 installed exipick 20100323.0, fixing doc bug + +NM/06 Bugzilla 988: CVE-2010-2023 - prevent hardlink attack on sticky mail + directory. Notification and patch from Dan Rosenberg. + +TK/01 PDKIM: Upgrade PolarSSL files to upstream version 0.12.1. + +TK/02 Improve log output when DKIM signing operation fails. + +MH/01 Treat the transport option dkim_domain as a colon separated + list, not as a single string, and sign the message with each element, + omitting multiple occurences of the same signer. + +NM/07 Null terminate DKIM strings, Null initialise DKIM variable + Bugzilla 985, 986. Patch by Simon Arlott + +NM/08 Bugzilla 967. dnsdb DNS TXT record bug fix (DKIM-related) + Patch by Simon Arlott + +PP/01 Bugzilla 989: CVE-2010-2024 - work round race condition on + MBX locking. Notification from Dan Rosenberg. + + +Exim version 4.71 +----------------- + +TK/01 Bugzilla 912: Fix DKIM segfault on empty headers/body. + +NM/01 Bugzilla 913: Documentation fix for gnutls_* options. + +NM/02 Bugzilla 722: Documentation for randint. Better randomness defaults. + +NM/03 Bugzilla 847: Enable DNSDB lookup by default. + +NM/04 Bugzilla 915: Flag broken perl installation during build. + + +Exim version 4.70 +----------------- + +TK/01 Added patch by Johannes Berg that expands the main option + "spamd_address" if it starts with a dollar sign. + +TK/02 Write list of recipients to X-Envelope-Sender header when building + the mbox-format spool file for content scanning (suggested by Jakob + Hirsch). + +TK/03 Added patch by Wolfgang Breyha that adds experimental DCC + (http://www.dcc-servers.net/) support via dccifd. Activated by + setting EXPERIMENTAL_DCC=yes in Local/Makefile. + +TK/04 Bugzilla 673: Add f-protd malware scanner support. Patch submitted + by Mark Daniel Reidel . + +NM/01 Bugzilla 657: Embedded PCRE removed from the exim source tree. + When building exim an external PCRE library is now needed - + PCRE is a system library on the majority of modern systems. + See entry on PCRE_LIBS in EDITME file. + +NM/02 Bugzilla 646: Removed unwanted C/R in Dovecot authenticator + conversation. Added nologin parameter to request. + Patch contributed by Kirill Miazine. + +TF/01 Do not log submission mode rewrites if they do not change the address. + +TF/02 Bugzilla 662: Fix stack corruption before exec() in daemon.c. + +NM/03 Bugzilla 602: exicyclog now handles panic log, and creates empty + log files in place. Contributed by Roberto Lima. + +NM/04 Bugzilla 667: Close socket used by dovecot authenticator. + +TF/03 Bugzilla 615: When checking the local_parts router precondition + after a local_part_suffix or local_part_prefix option, Exim now + does not use the address's named list lookup cache, since this + contains cached lookups for the whole local part. + +NM/05 Bugzilla 521: Integrated SPF Best Guess support contributed by + Robert Millan. Documentation is in experimental-spec.txt. + +TF/04 Bugzilla 668: Fix parallel build (make -j). + +NM/05.2 Bugzilla 437: Prevent Maildir aux files being created with mode 000. + +NM/05.3 Bugzilla 598: Improvement to Dovecot authenticator handling. + Patch provided by Jan Srzednicki. + +TF/05 Leading white space used to be stripped from $spam_report which + wrecked the formatting. Now it is preserved. + +TF/06 Save $spam_score, $spam_bar, and $spam_report in spool files, so + that they are available at delivery time. + +TF/07 Fix the way ${extract is skipped in the untaken branch of a conditional. + +TF/08 TLS error reporting now respects the incoming_interface and + incoming_port log selectors. + +TF/09 Produce a more useful error message if an SMTP transport's hosts + setting expands to an empty string. + +NM/06 Bugzilla 744: EXPN did not work under TLS. + Patch provided by Phil Pennock. + +NM/07 Bugzilla 769: Extraneous comma in usage fprintf + Patch provided by Richard Godbee. + +NM/08 Fixed erroneous documentation references to smtp_notquit_acl to be + acl_smtp_notquit, added index entry. + +NM/09 Bugzilla 787: Potential buffer overflow in string_format. + Patch provided by Eugene Bujak. + +NM/10 Bugzilla 770: Problem on some platforms modifying the len parameter to + accept(). Patch provided by Maxim Dounin. + +NM/11 Bugzilla 749: Preserve old behaviour of blanks comparing equal to zero. + Patch provided by Phil Pennock. + +NM/12 Bugzilla 497: Correct behaviour of exiwhat when no config exists. + +NM/13 Bugzilla 590: Correct handling of Resent-Date headers. + Patch provided by Brad "anomie" Jorsch. + +NM/14 Bugzilla 622: Added timeout setting to transport filter. + Patch provided by Dean Brooks. + +TK/05 Add native DKIM support (does not depend on external libraries). + +NM/15 Bugzilla 854: Removed code that symlinks to pcre as its no longer useful. + Patch provided by Graeme Fowler. + +NM/16 Bugzilla 851: Documentation example syntax fix. + +NM/17 Changed NOTICE file to remove references to embedded PCRE. + +NM/18 Bugzilla 894: Fix issue with very long lines including comments in + lsearch. + +NM/19 Bugzilla 745: TLS version reporting. + Patch provided by Phil Pennock. + +NM/20 Bugzilla 167: bool: condition support. + Patch provided by Phil Pennock. + +NM/21 Bugzilla 665: gnutls_compat_mode to allow compatibility with broken + clients. Patch provided by Phil Pennock. + +NM/22 Bugzilla 607: prepend (not append) Resent-Message-ID and Resent-Date. + Patch provided by Brad "anomie" Jorsch. + +NM/23 Bugzilla 687: Fix misparses in eximstats. + Patch provided by Heiko Schlittermann. + +NM/24 Bugzilla 688: Fix exiwhat to handle log_selector = +pid. + Patch provided by Heiko Schlittermann. + +NM/25 Bugzilla 727: Use transport mode as default mode for maildirsize file. + plus update to original patch. + +NM/26 Bugzilla 799: Documentation correction for ratelimit. + +NM/27 Bugzilla 802: Improvements to local interface IP addr detection. + Patch provided by David Brownlee. + +NM/28 Bugzilla 807: Improvements to LMTP delivery logging. + +NM/29 Bugzilla 862, 866, 875: Documentation bugfixes. + +NM/30 Bugzilla 888: TLS documentation bugfixes. + +NM/31 Bugzilla 896: Dovecot buffer overrun fix. + +NM/32 Bugzilla 889: Change all instances of "expr" in shell scripts to "expr --" + Unlike the original bugzilla I have changed all shell scripts in src tree. + +NM/33 Bugzilla 898: Transport filter timeout fix. + Patch by Todd Rinaldo. + +NM/34 Bugzilla 901: Fix sign/unsigned and UTF mistmatches. + Patch by Serge Demonchaux. + +NM/35 Bugzilla 39: Base64 decode bug fixes. + Patch by Jakob Hirsch. + +NM/36 Bugzilla 909: Correct connect() call in dcc code. + +NM/37 Bugzilla 910: Correct issue with relaxed/simple handling. + +NM/38 Bugzilla 908: Removed NetBSD3 support as no longer needed. + +NM/39 Bugzilla 911: Fixed MakeLinks build script. + + +Exim version 4.69 +----------------- + +TK/01 Add preliminary DKIM support. Currently requires a forked version of + ALT-N's libdkim that I have put here: + http://duncanthrax.net/exim-experimental/ + + Note to Michael Haardt: I had to rename some vars in sieve.c. They + were called 'true' and it seems that C99 defines that as a reserved + keyword to be used with 'bool' variable types. That means you could + not include C99-style headers which use bools without triggering + build errors in sieve.c. + +NM/01 Bugzilla 592: --help option is handled incorrectly if exim is invoked + as mailq or other aliases. Changed the --help handling significantly + to do whats expected. exim_usage() emits usage/help information. + +SC/01 Added the -bylocaldomain option to eximstats. + +NM/02 Bugzilla 619: Defended against bad data coming back from gethostbyaddr. + +NM/03 Bugzilla 613: Documentation fix for acl_not_smtp. + +NM/04 Bugzilla 628: PCRE update to 7.4 (work done by John Hall). + + +Exim version 4.68 +----------------- + +PH/01 Another patch from the Sieve maintainer. + +PH/02 When an IPv6 address is converted to a string for single-key lookup + in an address list (e.g. for an item such as "net24-dbm;/net/works"), + dots are used instead of colons so that keys in lsearch files need not + contain colons. This was done some time before quoting was made available + in lsearch files. However, iplsearch files do require colons in IPv6 keys + (notated using the quote facility) so as to distinguish them from IPv4 + keys. This meant that lookups for IP addresses in host lists did not work + for iplsearch lookups. + + This has been fixed by arranging for IPv6 addresses to be expressed with + colons if the lookup type is iplsearch. This is not incompatible, because + previously such lookups could never work. + + The situation is now rather anomolous, since one *can* have colons in + ordinary lsearch keys. However, making the change in all cases is + incompatible and would probably break a number of configurations. + +TK/01 Change PRVS address formatting scheme to reflect latests BATV draft + version. + +MH/01 The "spam" ACL condition code contained a sscanf() call with a %s + conversion specification without a maximum field width, thereby enabling + a rogue spamd server to cause a buffer overflow. While nobody in their + right mind would setup Exim to query an untrusted spamd server, an + attacker that gains access to a server running spamd could potentially + exploit this vulnerability to run arbitrary code as the Exim user. + +TK/02 Bugzilla 502: Apply patch to make the SPF-Received: header use + $primary_hostname instead of what libspf2 thinks the hosts name is. + +MH/02 The dsearch lookup now uses lstat(2) instead of stat(2) to look for + a directory entry by the name of the lookup key. Previously, if a + symlink pointed to a non-existing file or a file in a directory that + Exim lacked permissions to read, a lookup for a key matching that + symlink would fail. Now it is enough that a matching directory entry + exists, symlink or not. (Bugzilla 503.) + +PH/03 The body_linecount and body_zerocount variables are now exported in the + local_scan API. + +PH/04 Added the $dnslist_matched variable. + +PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client. + This means they are set thereafter only if the connection becomes + encrypted. + +PH/06 Added the client_condition to authenticators so that some can be skipped + by clients under certain conditions. + +PH/07 The error message for a badly-placed control=no_multiline_responses left + "_responses" off the end of the name. + +PH/08 Added -Mvc to output a copy of a message in RFC 2822 format. + +PH/09 Tidied the code for creating ratelimiting keys, creating them explicitly + (without spaces) instead of just copying the configuration text. + +PH/10 Added the /noupdate option to the ratelimit ACL condition. + +PH/11 Added $max_received_linelength. + +PH/12 Added +ignore_defer and +include_defer to host lists. + +PH/13 Installed PCRE version 7.2. This needed some changes because of the new + way in which PCRE > 7.0 is built. + +PH/14 Implemented queue_only_load_latch. + +PH/15 Removed an incorrect (int) cast when reading the value of SIZE in a + MAIL command. The effect was to mangle the value on 64-bit systems. + +PH/16 Another patch from the Sieve maintainer. + +PH/17 Added the NOTQUIT ACL, based on a patch from Ted Cooper. + +PH/18 If a system quota error occurred while trying to create the file for + a maildir delivery, the message "Mailbox is full" was not appended to the + bounce if the delivery eventually timed out. Change 4.67/27 below applied + only to a quota excession during the actual writing of the file. + +PH/19 It seems that peer DN values may contain newlines (and other non-printing + characters?) which causes problems in log lines. The DN values are now + passed through string_printing() before being added to log lines. + +PH/20 Added the "servers=" facility to MySQL and PostgreSQL lookups. (Oracle + and InterBase are left for another time.) + +PH/21 Added message_body_newlines option. + +PH/22 Guard against possible overflow in moan_check_errorcopy(). + +PH/23 POSIX allows open() to be a macro; guard against that. + +PH/24 If the recipient of an error message contained an @ in the local part + (suitably quoted, of course), incorrect values were put in $domain and + $local_part during the evaluation of errors_copy. + + Exim version 4.67 ----------------- @@ -154,6 +607,69 @@ PH/34 Change HDA_SIZE in oracle.c from 256 to 512. This is needed for 64-bit PH/35 Applied a patch from the Sieve maintainer which fixes a bug in "notify". +PH/36 Applied John Jetmore's patch to add -v functionality to exigrep. + +PH/37 If a message is not accepted after it has had an id assigned (e.g. + because it turns out to be too big or there is a timeout) there is no + "Completed" line in the log. When some messages of this type were + selected by exigrep, they were listed as "not completed". Others were + picked up by some special patterns. I have improved the selection + criteria to be more general. + +PH/38 The host_find_failed option in the manualroute router can now be set + to "ignore", to completely ignore a host whose IP address cannot be + found. If all hosts are ignored, the behaviour is controlled by the new + host_all_ignored option. + +PH/39 In a list of hosts for manualroute, if one item (either because of multi- + homing or because of multiple MX records with /mx) generated more than + one IP address, and the following item turned out to be the local host, + all the secondary addresses of the first item were incorrectly removed + from the list, along with the local host and any following hosts (which + is what is supposed to happen). + +PH/40 When Exim receives a message, it writes the login name, uid, and gid of + whoever called Exim into the -H file. In the case of the daemon it was + behaving confusingly. When first started, it used values for whoever + started the daemon, but after a SIGHUP it used the Exim user (because it + calls itself on a restart). I have changed the code so that it now always + uses the Exim user. + +PH/41 (Following a suggestion from Tony Finch) If all the RCPT commands in a + message are rejected with the same error (e.g. no authentication or bad + sender address), and a DATA command is nevertheless sent (as can happen + with PIPELINING or a stupid MUA), the error message that was given to the + RCPT commands is included in the rejection of the DATA command. This is + intended to be helpful for MUAs that show only the final error to their + users. + +PH/42 Another patch from the Sieve maintainer. + +SC/02 Eximstats - Differentiate between permanent and temporary rejects. + Eximstats - Fixed some broken HTML links and added missing column headers + (Jez Hancock). + Eximstats - Fixed Grand Total Summary Domains, Edomains, and Email + columns for Rejects, Temp Rejects, Ham, and Spam rows. + +SC/03 Eximstats - V1.58 Fix to get <> and blackhole to show in edomain tables. + +PH/43 Yet another patch from the Sieve maintainer. + +PH/44 I found a way to check for a TCP/IP connection going away before sending + the response to the final '.' that terminates a message, but only in the + case where the client has not sent further data following the '.' + (unfortunately, this is allowed). However, in many cases there won't be + any further data because there won't be any more messages to send. A call + to select() can be used: if it shows that the input is "ready", there is + either input waiting, or the socket has been closed. An attempt to read + the next input character can distinguish the two cases. Previously, Exim + would have sent an OK response which the client would never have see. + This could lead to message repetition. This fix should cure that, at + least in a lot of common cases. + +PH/45 Do not advertise STARTTLS in response to HELP unless it would be + advertised in response to EHLO. + Exim version 4.66 -----------------