-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.57 2004/12/22 12:05:45 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.58 2004/12/29 10:16:52 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
55. Some experimental protocols are using DNS PTR records for new purposes. The
keys for these records are domain names, not reversed IP addresses. The
- dnsdb lookup now tests whether it's key is an IP address. If not, it leaves
- it alone. Component reversal etc. now happens only for IP addresses.
+ dnsdb PTR lookup now tests whether its key is an IP address. If not, it
+ leaves it alone. Component reversal etc. now happens only for IP addresses.
56. Improve error message when ldap_search() fails in OpenLDAP or Solaris LDAP.
(2) The default for smtp_banner uses $smtp_active_hostname instead
of $primary_hostname.
+60. The host_aton() function is supposed to be passed a string that is known
+ to be a valid IP address. However, in the case of IPv6 addresses, it was
+ not checking this. This is a hostage to fortune. Exim now panics and dies
+ if the condition is not met. A case was found where this could be provoked
+ from a dnsdb lookup; fortuitously, this particular loophole had already
+ been fixed by change 4.50/55 above. If there are any other similar
+ loopholes, the new check should stop them being exploited.
+
Exim version 4.43
-----------------
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.23 2004/12/22 12:05:45 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.24 2004/12/29 10:16:52 ph10 Exp $
New Features in Exim
--------------------
19. The Exiscan patch is now merged into the main source. See src/EDITME for
parameters for the build.
-20. If the key for a dnsdb lookup is not an IP address, it is used verbatim,
- without component reversal and without the addition of in-addr.arpa or
- ip6.arpa.
+20. If the key for a dnsdb PTR lookup is not an IP address, it is used
+ verbatim, without component reversal and without the addition of
+ in-addr.arpa or ip6.arpa.
21. Two changes related to the smtp_active_hostname option:
-/* $Cambridge: exim/src/src/host.c,v 1.3 2004/11/18 11:17:33 ph10 Exp $ */
+/* $Cambridge: exim/src/src/host.c,v 1.4 2004/12/29 10:16:53 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
if (*p == ':') p++;
- /* Split the address into components separated by colons. */
+ /* Split the address into components separated by colons. The input address
+ is supposed to be checked for syntax. There was a case where this was
+ overlooked; to guard against that happening again, check here and crash if
+ there is a violation. */
while (*p != 0)
{
int len = Ustrcspn(p, ":");
if (len == 0) nulloffset = ci;
+ if (ci > 7) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
+ "Internal error: invalid IPv6 address \"%s\" passed to host_aton()",
+ address);
component[ci++] = p;
p += len;
if (*p == ':') p++;
git://git.exim.org / users / jgh / exim.git / commitdiff