[exim] Exim 4.95 released

Top Page

Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-announce@exim.org, exim-users
Subject: [exim] Exim 4.95 released
Dear Exim users and maintainers,

we're proud to announce the release of Exim 4.95.

New stuff we've added since 4.94:

- From previous experimental support:
- fast-ramp queue run
- native SRS
- TLS resumption
- LMDB lookups with single key
- New:
- smtp transport option "message_linelength_limit"
- optionally ignore lookup caches
- quota checking for appendfile transport during message reception
- sqlite lookups allow a "file=<path>" option
- lsearch lookups allow a "ret=full" option
- command line option for the notifier socket
- faster TLS startup
- new main config option "proxy_protocol_timeout"
- expand "smtp_accept_max_per_connection"
- log selector "queue_size_exclusive"
- main config option "smtp_backlog_monitor"
- main config option "hosts_require_helo"
- main config option "allow_insecure_tainted_data"
- Removed:
- support for MacOS

All fixes from the 4.94.2+fixes branch (this includes the "21 nails" CVEs) are
included too.

If you upgrade from previous versions <4.94: the new taint checks are likely to
make your runtime configuration unusable. Read about the mitigation via the
"allow_insecure_tainted_data" first or make your configuration "taint check
proof".

If you upgrade from 4.94.2, nothing should break.

For those who used 4.95-RC2, a list changes that were introduced since RC2:

    * 780ea2a5c - OpenBSD: disable compiler-time param checking for string_sprintf() etc (8 days ago) <Jeremy Harris>
    * 8b78698fa - Docs: fix closed-mailinglist example (8 days ago) <Jeremy Harris>
    * 8f0d0a313 - DCC: fix loop expression (2 weeks ago) <Jeremy Harris>
    * 48505c2b8 - TLS: build dependency for LibreSSL (2 weeks ago) <Renaud Allard>
    * 6c706bde1 - Docs: tidying (3 weeks ago) <Jeremy Harris>
    * 889894461 - Fix validation of domain-literals in Message_ID: headers.  Bug 2805 (3 weeks ago) <Jeremy Harris>
    * 8dcd5efb1 - Avoid using CLOCK_MONOTONIC for $received_time.  Bug 2615 (4 weeks ago) <Jeremy Harris>


Exim 4.95 is available

- as tarball:        https://ftp.exim.org/pub/exim/exim4
- directly via Git:  https://git.exim.org/exim.git
                     tag exim-4.95


The tarball checksums are signed using the same GPG key as I used to
sign this message (Key-ID: D0BFD6B9ECA5694A6F149DCEAF4CC676A6B6C142),
as the tag and tagged commit are.

Thank you and all contributors for your support. Especially thanks to
Jeremy, as he does the vast majority of coding and support.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -