חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (19.01.15) - גרסה חדשה: Exim 4.85

(19.01.15) - גרסה חדשה: Exim 4.85

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


פרטים נוספים:
http://www.exim.org/
https://github.com/Exim/exim/blob/maste ... /ChangeLog

מה חדש:

TL/01 When running the test suite, the README says that variables such as      no_msglog_check are global and can be placed anywhere in a specific      test's script, however it was observed that placement needed to be near      the beginning for it to behave that way. Changed the runtest perl      script to read through the entire script once to detect and set these      variables, reset to the beginning of the script, and then run through      the script parsing/test process like normal.TL/02 The BSD's have an arc4random API. One of the functions to induce      adding randomness was arc4random_stir(), but it has been removed in      OpenBSD 5.5. Detect this OpenBSD version and skip calling this      function when detected.JH/01 Expand the EXPERIMENTAL_TPDA feature.  Several different events now      cause callback expansion.TL/03 Bugzilla 1518: Clarify "condition" processing in routers; that      syntax errors in an expansion can be treated as a string instead of      logging or causing an error, due to the internal use of bool_lax      instead of bool when processing it.JH/02 Add EXPERIMENTAL_DANE, allowing for using the DNS as trust-anchor for      server certificates when making smtp deliveries.JH/03 Support secondary-separator specifier for MX, SRV, TLSA lookups.JH/04 Add ${sort {list}{condition}{extractor}} expansion item.TL/04 Bugzilla 1216: Add -M (related messages) option to exigrep.TL/05 GitHub Issue 18: Adjust logic testing for true/false in redis lookups.      Merged patch from Sebastian Wiedenroth.JH/05 Fix results-pipe from transport process.  Several recipients, combined      with certificate use, exposed issues where response data items split      over buffer boundaries were not parsed properly.  This eventually      resulted in duplicates being sent.  This issue only became common enough      to notice due to the introduction of conection certificate information,      the item size being so much larger.  Found and fixed by Wolfgang Breyha.JH/06 Bug 1533: Fix truncation of items in headers_remove lists.  A fixed      size buffer was used, resulting in syntax errors when an expansion      exceeded it.JH/07 Add support for directories of certificates when compiled with a GnuTLS      version 3.3.6 or later.JH/08 Rename the TPDA expermimental facility to Event Actions.  The #ifdef      is EXPERIMENTAL_EVENT, the main-configuration and transport options      both become "event_action", the variables become $event_name, $event_data      and $event_defer_errno.  There is a new variable $verify_mode, usable in      routers, transports and related events.  The tls:cert event is now also      raised for inbound connections, if the main configuration event_action      option is defined.TL/06 In test suite, disable OCSP for old versions of openssl which contained      early OCSP support, but no stapling (appears to be less than 1.0.0).JH/09 When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on      server certificate names available under the smtp transport option      "tls_verify_cert_hostname" now do not permit multi-component wildcard      matches.JH/10 Time-related extraction expansions from certificates now use the main      option "timezone" setting for output formatting, and are consistent      between OpenSSL and GnuTLS compilations.  Bug 1541.JH/11 Fix a crash in mime ACL when meeting a zero-length, quoted or RFC2047-      encoded parameter in the incoming message.  Bug 1558.JH/12 Bug 1527: Autogrow buffer used in reading spool files.  Since they now      include certificate info, eximon was claiming there were spoolfile      syntax errors.JH/13 Bug 1521: Fix ldap lookup for single-attr request, multiple-attr return.JH/14 Log delivery-related information more consistently, using the sequence      "H= []" wherever possible.TL/07 Bug 1547: Omit RFCs from release. Draft and RFCs have licenses which      are problematic for Debian distribution, omit them from the release      tarball.JH/15 Updates and fixes to the EXPERIMENTAL_DSN feature.JH/16 Fix string representation of time values on 64bit time_t anchitectures.      Bug 1561.JH/17 Fix a null-indirection in certextract expansions when a nondefault      output list separator was used.

 

New Features

 1. If built with EXPERIMENTAL_DANE feature enabled, Exim will follow the
    DANE smtp draft to assess a secure chain of trust of the certificate
    used to establish the TLS connection based on a TLSA record in the
    domain of the sender.

 2. The EXPERIMENTAL_TPDA feature has been renamed to EXPERIMENTAL_EVENT
    and several new events have been created. The reason is because it has
    been expanded beyond just firing events during the transport phase. Any
    existing TPDA transport options will have to be rewritten to use a new
    $event_name expansion variable in a condition. Refer to the
    experimental-spec.txt for details and examples.

 3. The EXPERIMENTAL_CERTNAMES features is an enhancement to verify that
    server certs used for TLS match the result of the MX lookup. It does
    not use the same mechanism as DANE.