I have built, and placed on the FTP site, Release Candidate 1 for
exim release 4.94
ftp://ftp.exim.org/pub/exim/exim4/test/
The commit for RC1 is 632b9f8daa, at git://git.exim.org/exim.git
- ---------------------------------------------------------
New features since RC0:
- - An option on all single-key lookups, to return (on a hit) a de-tainted
version of the lookup key rather than the looked-up data.
- - $domain_data and $localpart_data are now set by all list-match
successes.
Previously only list items that performed lookups did so.
Also, matching list items that are tail-match or RE-match now set the
numeric variables $0 (etc) in the same way os other RE matches.
- - bounce_message_file and warn_message_file are now expanded before use.
Changes since RC0:
- - Fix a memory-handling bug: when a connection carried multiple messages
and an ACL use a lookup for checking either the local_part or domain,
stale data could be accessed. Ensure that variable references are
dropped between messages.
- - Fix SPA authenticator. Running as a server, an offset supplied
by the client was not checked as pointing within response data before
being used. A malicious client could thus cause an out-of-bounds read and
possibly gain authentication. Fix by adding the check.
- - Internationalisation: change the default for downconversion in the smtp
transport to be "if needed". Previously it was "as previously set" for
the message, which usually meant "if needed" for message-submission but
"no" for everything else. However, MTAs have been seen using SMTPUTF8
even when the envelope addresses did not need it, resulting in forwarding
failures to non-supporting MTAs. A downconvert in such cases will be
a no-op on the addresses, merely dropping the use of SMTPUTF8 by the
transport. The change does mean that addresses needing conversion will
be converted when previously a delivery failure would occur.
- - Fix possible long line in DSN. Previously when a very long SMTP error
response was received it would be used unchecked in a fail-DSN, violating
standards on line-length limits. Truncate if needed.
- --------------------------------------------------------------
Checksums for RC1:
SHA256 (exim-4.94-RC1.tar.bz2) = 24718d7b9354c3cdf65a6b261fcb5102d67163220dddc346caa1fe6bd3cc40b5
SHA256 (exim-4.94-RC1.tar.gz) = 0c6bb17cd0ee12fbb3ca3ebbfccbbb1462f8d111d36d49385946e354614fd508
SHA256 (exim-4.94-RC1.tar.xz) = 85c24cbcb3142934083fb492774fdedd5bfa814a850b47b3a75d3bedf03c562e
SHA256 (exim-html-4.94-RC1.tar.bz2) = 4be463206f9f404f88a484ea7d7d597d4249e387c39b82a333618e9514a9f450
SHA256 (exim-html-4.94-RC1.tar.gz) = f1466910671299d883ada2f4c7d2e319b9f6f10ff19bcc19b7eb477730883c93
SHA256 (exim-html-4.94-RC1.tar.xz) = 52dddc5f159ed4e709bc4b1f3c8c84c0039fb21df6b11095474512db4702ae7f
SHA256 (exim-pdf-4.94-RC1.tar.bz2) = 12bbb769f233156a2107e6c55731b960f172a55746dbdc926bbd0e758f30cd5d
SHA256 (exim-pdf-4.94-RC1.tar.gz) = 6c5835b5b8f7367e6a7e00ebea0ceb146a6c8e8deef998c007886652423c46fc
SHA256 (exim-pdf-4.94-RC1.tar.xz) = f2005e65929dcdf5d42e2ce63ad8b03fced85208e484b0e0995c81c3db27c2ea
SHA256 (exim-postscript-4.94-RC1.tar.bz2) = bc7c39bb7fdea1c1cf0b5a7d22ea9f76858c9be736ac490eadbcb6eef4592e99
SHA256 (exim-postscript-4.94-RC1.tar.gz) = f55b3753178f3fc351294f047251400a4f9cd044ae551a5886a37ae9ed35415f
SHA256 (exim-postscript-4.94-RC1.tar.xz) = b594a4980f6bf04589f6cba8f08305df16ce076f0ca10b4995258d6e768ea6fc
There are PGP signature files in the same ftp directory, signed by me using
key A986F3A6BD6377D8730958DEBCE58C8CE41F32DF.
- --
Cheers,
Jeremy
