Exim version 4.68 ----------------- PH/01 Another patch from the Sieve maintainer. PH/02 When an IPv6 address is converted to a string for single-key lookup in an address list (e.g. for an item such as "net24-dbm;/net/works"), dots are used instead of colons so that keys in lsearch files need not contain colons. This was done some time before quoting was made available in lsearch files. However, iplsearch files do require colons in IPv6 keys (notated using the quote facility) so as to distinguish them from IPv4 keys. This meant that lookups for IP addresses in host lists did not work for iplsearch lookups. This has been fixed by arranging for IPv6 addresses to be expressed with colons if the lookup type is iplsearch. This is not incompatible, because previously such lookups could never work. The situation is now rather anomolous, since one *can* have colons in ordinary lsearch keys. However, making the change in all cases is incompatible and would probably break a number of configurations. TK/01 Change PRVS address formatting scheme to reflect latests BATV draft version. MH/01 The "spam" ACL condition code contained a sscanf() call with a %s conversion specification without a maximum field width, thereby enabling a rogue spamd server to cause a buffer overflow. While nobody in their right mind would setup Exim to query an untrusted spamd server, an attacker that gains access to a server running spamd could potentially exploit this vulnerability to run arbitrary code as the Exim user. TK/02 Bugzilla 502: Apply patch to make the SPF-Received: header use $primary_hostname instead of what libspf2 thinks the hosts name is. MH/02 The dsearch lookup now uses lstat(2) instead of stat(2) to look for a directory entry by the name of the lookup key. Previously, if a symlink pointed to a non-existing file or a file in a directory that Exim lacked permissions to read, a lookup for a key matching that symlink would fail. Now it is enough that a matching directory entry exists, symlink or not. (Bugzilla 503.) PH/03 The body_linecount and body_zerocount variables are now exported in the local_scan API. PH/04 Added the $dnslist_matched variable. PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client. This means they are set thereafter only if the connection becomes encrypted. PH/06 Added the client_condition to authenticators so that some can be skipped by clients under certain conditions. PH/07 The error message for a badly-placed control=no_multiline_responses left "_responses" off the end of the name. PH/08 Added -Mvc to output a copy of a message in RFC 2822 format. PH/09 Tidied the code for creating ratelimiting keys, creating them explicitly (without spaces) instead of just copying the configuration text. PH/10 Added the /noupdate option to the ratelimit ACL condition. PH/11 Added $max_received_linelength. PH/12 Added +ignore_defer and +include_defer to host lists. PH/13 Installed PCRE version 7.2. This needed some changes because of the new way in which PCRE > 7.0 is built. PH/14 Implemented queue_only_load_latch. PH/15 Removed an incorrect (int) cast when reading the value of SIZE in a MAIL command. The effect was to mangle the value on 64-bit systems. PH/16 Another patch from the Sieve maintainer. PH/17 Added the NOTQUIT ACL, based on a patch from Ted Cooper. PH/18 If a system quota error occurred while trying to create the file for a maildir delivery, the message "Mailbox is full" was not appended to the bounce if the delivery eventually timed out. Change 4.67/27 below applied only to a quota excession during the actual writing of the file. PH/19 It seems that peer DN values may contain newlines (and other non-printing characters?) which causes problems in log lines. The DN values are now passed through string_printing() before being added to log lines. PH/20 Added the "servers=" facility to MySQL and PostgreSQL lookups. (Oracle and InterBase are left for another time.) PH/21 Added message_body_newlines option. PH/22 Guard against possible overflow in moan_check_errorcopy(). PH/23 POSIX allows open() to be a macro; guard against that. PH/24 If the recipient of an error message contained an @ in the local part (suitably quoted, of course), incorrect values were put in $domain and $local_part during the evaluation of errors_copy. ****