[prev in list] [next in list] [prev in thread] [next in thread]
List: exim-announce
Subject: [exim-announce] Exim 4.83 Released
From: Todd Lyons <tlyons () exim ! org>
Date: 2014-07-22 16:05:24
Message-ID: 20140722160523.GA25127 () exim ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have uploaded Exim 4.83 to:
ftp://ftp.exim.org/pub/exim/exim4/
This release of Exim includes one incompatible fix: the behavior of
expansion of arguments to math comparison functions (<, <=, =, =>, >)
was unexpected, expanding the values twice. This fix also addresses a
security advisory, CVE-2014-2972. This is not a remote exploit, but if
content that is searched by the above math comparison functions is under
the control of an attacker, specially crafted data can be inserted that
will cause the Exim mail server to perform various file-system functions
as the exim user.
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
The ChangeLog/NewStuff/README.UPDATING are packaged with the exim
tarball or can be reviewed online at:
http://git.exim.org/exim.git/blob/exim-4_83:/doc/doc-txt/ChangeLog
http://git.exim.org/exim.git/blob/exim-4_83:/doc/doc-txt/NewStuff
http://git.exim.org/exim.git/blob/exim-4_83:/src/README.UPDATING
The files are signed with the PGP key 0x04D29EBA, which has a uid
"Todd Lyons (Exim Maintainer) <tlyons@exim.org>". Please use your own
discretion in assessing what trust paths you might have to this uid.
Checksums are below. Detached PGP signatures in .asc files are available
alongside the tarballs.
Please report issues by replying to this email on exim-users.
Thank you for your patronage,
- ---Todd Lyons, pp The Exim Maintainers
SHA256(exim-4.83.tar.bz2) = \
efa031b89ffb2ab844a4bf9d3a5d7ca4d587d82b62ae233d68c4f26e079a6a02 \
SHA256(exim-4.83.tar.bz2.asc) = \
1d7c4cd0e3714244904f31e5b690226d258c5f8ef32c9a344ef662f05fcb8a73 \
SHA256(exim-4.83.tar.gz) = \
200880381fdd1b2ce36e49b9c9bcc8b57008ff02084b87d31c6ff9867e9fea06 \
SHA256(exim-4.83.tar.gz.asc) = \
91ef599c66df5661ca018116e7ca7408e57d22f9d3c0b7e6c465951a878ae044 \
SHA256(exim-html-4.83.tar.bz2) = \
d7b38922f2aedd9eb4db7aa0e1e1c0fcd948777a4c8bac7971eaf4b2959bf0de \
SHA256(exim-html-4.83.tar.bz2.asc) = \
9d20439e8c1f6c25cb120fe9e7ecc689c513bf5607ebd80e07a511a8def8d5a1 \
SHA256(exim-html-4.83.tar.gz) = \
a58e077170225efe78cadcedd4bc1d66d34c87a5581ee597e0634e475e1f60ab \
SHA256(exim-html-4.83.tar.gz.asc) = \
c7bfb22f2df14af4f5e058138f347d3868c5d8b0c366ca26fe3b3a16b0c66cb3 \
SHA256(exim-pdf-4.83.tar.bz2) = \
478fca2c13fbda403fb0c373dc61e82aa434e7167c0341f24b83195afd294b82 \
SHA256(exim-pdf-4.83.tar.bz2.asc) = \
fc01512d0be78b1412be0abcb0a204afa5ab46a8b45bc9396ded364d1ddc0e00 \
SHA256(exim-pdf-4.83.tar.gz) = \
8f5e31e4b8c1fa8e402f6e0baf24350df916d78bfa888a4a6b435d0853766b2e \
SHA256(exim-pdf-4.83.tar.gz.asc) = \
3203916a6fe142f258e69e8c2361df40b9b3b67bbbe8bb34de58e17597acc517 \
SHA256(exim-postscript-4.83.tar.bz2) = \
7f8ef825a832debdab54173bfb4e86acaaa6eb139a64e8b87a785183354375cf \
SHA256(exim-postscript-4.83.tar.bz2.asc) = \
ff13e6e5799a98336b3953045f1348aab1f9e52b9d0da2b0fbe909a22d264a40 \
SHA256(exim-postscript-4.83.tar.gz) = \
9f184baee80875caa4d27b15495500afc4eae44f275b63b170dcccc3cdf19769 \
SHA256(exim-postscript-4.83.tar.gz.asc) = \
31171cba3aac6205abf08f122154a6d8a84c12763ccf0a78719ab3af9356c86d
- --
Regards... Todd
The greatest shortcoming of the human race is our inability to
understand the exponential function. --Albert Bartlett, physicist
Linux kernel 2.6.16.27-0.9-smp load average: 0.29, 0.40, 0.55
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlPOi8MACgkQxPT5SATSnrrAiwCdHFNW1GTxUX6u0Cm9xh4Kpvn9
Yb8Anj+cinGDQuQ1JST9YY1MVVV40dcw
=XQg5
-----END PGP SIGNATURE-----
--
## List details at https://lists.exim.org/mailman/listinfo/exim-announce Exim details \
at http://www.exim.org/ ##
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic