-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

have uploaded Exim 4.83 to:
ftp://ftp.exim.org/pub/exim/exim4/

This release of Exim includes one incompatible fix: the behavior of expansion of arguments to math comparison functions (<, <=, =, =>, >) was unexpected, expanding the values twice. This fix also addresses a security advisory, CVE-2014-2972. This is not a remote exploit, but if content that is searched by the above math comparison functions is under the control of an attacker, specially crafted data can be inserted that will cause the Exim mail server to perform various file-system functions as the exim user.

This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements

The ChangeLog/NewStuff/README.UPDATING are packaged with the exim tarball or can be reviewed online at:
http://git.exim.org/exim.git/blob/exim-4_83:/doc/doc-txt/ChangeLog
http://git.exim.org/exim.git/blob/exim-4_83:/doc/doc-txt/NewStuff
http://git.exim.org/exim.git/blob/exim-4_83:/src/README.UPDATING

The files are signed with the PGP key 0x04D29EBA, which has a uid "Todd Lyons (Exim Maintainer) <[email protected]>". Please use your own discretion in assessing what trust paths you might have to this uid.

Checksums are below. Detached PGP signatures in .asc files are available alongside the tarballs.

Please report issues by replying to this email on exim-users.

Thank you for your patronage,
- ---Todd Lyons, pp The Exim Maintainers

- --
Regards... Todd

All truth passes through three stages. First, it is ridiculed. Second, it is violently opposed. Third, it is accepted as being self-evident.

Linux kernel 2.6.16.27-0.9-smp load average: 0.63, 0.78, 0.70

Organization: exim.org Exim MTA Developers

- --
Regards... Todd

I've visited conferences where the wireless LAN was deemed "secure" by the organisation because they had outlawed sniffers. --Neils Bakker

Linux kernel 2.6.16.27-0.9-smp load average: 0.61, 0.48, 0.42

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iEYEARECAAYFAlPOfGQACgkQxPT5SATSnrr+4gCdGc7PMVxAhNQmTU9WVTwqN8s9
xNwAoJRDcXxeNZgYhS7ByNGEGt7HsXPh
=Abf5
-----END PGP SIGNATURE-----

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
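
The double expansion of comparison operands described in the announcement, as an added example (not Exim code and not from the Exim maintainers): a toy `$name` expander, which is an assumption and not Exim's real expansion syntax, compares twice-expanded operands against once-expanded ones. All variable names and values are constructed.

```python
import re

# Toy expansion language (assumption for illustration, not Exim's syntax):
# "$name" is replaced by the value of the variable `name`.
VAR = re.compile(r"\$([a-z_][a-z0-9_]*)")

def expand(text, variables):
    """Expand every $name reference in `text` exactly once."""
    return VAR.sub(lambda m: variables.get(m.group(1), ""), text)

def to_int(text):
    """Strict numeric parse: leftover expansion syntax is an error, not a value."""
    if not re.fullmatch(r"-?\d+", text.strip()):
        raise ValueError(f"not a number: {text!r}")
    return int(text)

def greater_double(lhs, rhs, variables):
    """Behaviour the announcement calls unexpected: operands expanded twice."""
    twice = [expand(expand(s, variables), variables) for s in (lhs, rhs)]
    return to_int(twice[0]) > to_int(twice[1])

def greater_single(lhs, rhs, variables):
    """Fixed behaviour: operands expanded once; the result is plain data."""
    return to_int(expand(lhs, variables)) > to_int(expand(rhs, variables))

def needs_review(operand, variables):
    """True if the once-expanded operand still contains expansion syntax,
    so the two behaviours above treat it differently."""
    return VAR.search(expand(operand, variables)) is not None

# Constructed sample: h_x_count stands for a value taken from message content.
SAMPLE = {"h_x_count": "$internal_limit", "internal_limit": "100", "size": "7"}

def demo():
    results = {"double": greater_double("$h_x_count", "50", SAMPLE)}
    try:
        results["single"] = greater_single("$h_x_count", "50", SAMPLE)
    except ValueError:
        results["single"] = "rejected"
    results["review"] = needs_review("$h_x_count", SAMPLE)
    return results

if __name__ == "__main__":
    print(demo())
```

With double expansion the message-supplied text is interpreted as a reference to another variable; with single expansion it stays data and fails the numeric parse. `needs_review` flags operands whose result differs between the two behaviours.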
