X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/f444c2c7e41c8a2b43b6270708e7eb88831f11e0..8d042305ef14df8cabcf7ae33767d019741dd59f:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 52d4aeb56..5469c4bdb 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -2,6 +2,10 @@ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.88 +----------------- + + Exim version 4.87 ----------------- JH/01 Bug 1664: Disable OCSP for GnuTLS library versions at/before 3.3.16 @@ -142,7 +146,63 @@ JH/33 Bug 1748: Permit ACL dnslists= condition in non-smtp ACLs if explicit JH/34 Bug 1192: replace the embedded copy of PolarSSL RSA routines in the DKIM support, by using OpenSSL or GnuTLS library ones. This means DKIM is - only supported when built with TLS support. + only supported when built with TLS support. The PolarSSL SHA routines + are still used when the TLS library is too old for convenient support. + +JH/35 Require SINGLE_DH_USE by default in OpenSSL (main config option + openssl_options), for security. OpenSSL forces this from version 1.1.0 + server-side so match that on older versions. + +JH/36 Bug 1778: longstanding bug in memory use by the ${run } expansion: A fresh + allocation for $value could be released as the expansion processing + concluded, but leaving the global pointer active for it. + +JH/37 Bug 1769: Permit a VRFY ACL to override the default 252 response, + and to use the domains and local_parts ACL conditions. + +JH/38 Fix cutthrough bug with body lines having a single dot. The dot was + incorrectly not doubled on cutthrough transmission, hence seen as a + body-termination at the receiving system - resulting in truncated mails. + Commonly the sender saw a TCP-level error, and retransmitted the message + via the normal store-and-forward channel. This could result in duplicates + received - but deduplicating mailstores were liable to retain only the + initial truncated version. + +JH/39 Bug 1781: Fix use of DKIM private-keys having trailing '=' in the base-64. + +JH/40 Fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS. + +JH/41 Bug 1792: Fix selection of headers to sign for DKIM: bottom-up. While + we're in there, support oversigning also; bug 1309. + +JH/42 Bug 1796: Fix error logged on a malware scanner connection failure. + +HS/04 Add support for keep_environment and add_environment options. + +JH/43 Tidy coding issues detected by gcc --fsanitize=undefined. Some remain; + either intentional arithmetic overflow during PRNG, or testing config- + induced overflows. + +JH/44 Bug 1800: The combination of a -bhc commandline option and cutthrough + delivery resulted in actual delivery. Cancel cutthrough before DATA + stage. + +JH/45 Fix cutthrough, when connection not opened by verify and target hard- + rejects a recipient: pass the reject to the originator. + +JH/46 Multiple issues raised by Coverity. Some were obvious or plausible bugs. + Many were false-positives and ignorable, but it's worth fixing the + former class. + +JH/47 Fix build on HP-UX and older Solaris, which need (un)setenv now also + for the new environment-manipulation done at startup. Move the routines + from being local to tls.c to being global via the os.c file. + +JH/48 Bug 1807: Fix ${extract } for the numeric/3-string case. While preparsing + an extract embedded as result-arg for a map, the first arg for extract + is unavailable so we cannot tell if this is a numbered or keyed + extraction. Accept either. + Exim version 4.86