delta/exim4.git - git.exim.org: exim.git

	Commit message (Expand)	Author	Age	Files	Lines
*	Merge branch 'exim-4.92.3+fixes+qualys' into exim-4.92.3+fixesexim-4.92.3+fixes	Heiko Schlittermann (HS12-RIPE)	2021-05-01	39	-351/+799
\|\
\| *	Fix BDAT issue for body w/o trailing CRLF (again Bug 1974)	Heiko Schlittermann (HS12-RIPE)	2021-05-01	1	-0/+1
\| *	testsuite: reproduce BDAT with missing eol (Bug 1974)	Heiko Schlittermann (HS12-RIPE)	2021-05-01	3	-10/+73
\| *	testsuite: adjustments for CVE-2020-28014, CVE-2021-27216 (Arbitrary PID file...	Heiko Schlittermann (HS12-RIPE)	2021-05-01	2	-56/+0
\| *	CVE-2020-28014, CVE-2021-27216: Arbitrary PID file creation, clobbering, and ...	Heiko Schlittermann (HS12-RIPE)	2021-05-01	4	-21/+232
\| *	testsuite: adjustments for CVE-2020-28008 (spool dir attacks)	Heiko Schlittermann (HS12-RIPE)	2021-05-01	9	-9/+0
\| *	CVE-2020-28008: Assorted attacks in Exim's spool directory	Heiko Schlittermann (HS12-RIPE)	2021-04-30	11	-54/+80
\| *	CVE-2020-28007: Link attack in Exim's log directory	Qualys Security Advisory	2021-04-30	5	-182/+234
\| *	CVE-2020-28019: Failure to reset function pointer after BDAT error	Qualys Security Advisory	2021-04-30	3	-9/+48
\| *	Security: Avoid modification of constant data in dkim handling	Qualys Security Advisory	2021-04-30	1	-9/+12
\| *	Security: Leave a clean smtp_out input buffer even in case of read error	Qualys Security Advisory	2021-04-30	1	-2/+4
\| *	Security: Avoid decrement of dkim_collect_input if already at 0	Qualys Security Advisory	2021-04-30	1	-1/+1
\| *	Security: Fix off-by-one in smtp transport (read response)	Qualys Security Advisory	2021-04-30	1	-2/+2
\| *	Security: Always exit when LOG_PANIC_DIE is set	Qualys Security Advisory	2021-04-30	1	-0/+1
\| *	Security: Check overrun rcpt_count integer	Qualys Security Advisory	2021-04-30	1	-0/+2
\| *	Security: Safeguard against relative names for msglog files.	Qualys Security Advisory	2021-04-30	1	-0/+4
\| *	CVE-2020-28012: Missing close-on-exec flag for privileged pipe	Qualys Security Advisory	2021-04-30	1	-0/+4
\| *	CVE-2020-28024: Heap buffer underflow in smtp_ungetc()	Qualys Security Advisory	2021-04-30	2	-0/+6
\| *	CVE-2020-28009: Integer overflow in get_stdinput()	Qualys Security Advisory	2021-04-30	1	-1/+22
\| *	CVE-2020-28015+28021: New-line injection into spool header file	Qualys Security Advisory	2021-04-30	1	-4/+17
\| *	CVE-2020-28026: Line truncation and injection in spool_read_header()	Qualys Security Advisory	2021-04-30	1	-15/+33
\| *	CVE-2020-28022: Heap out-of-bounds read and write in extract_option()	Qualys Security Advisory	2021-04-30	1	-7/+13
\| *	CVE-2020-28017: Integer overflow in receive_add_recipient()	Qualys Security Advisory	2021-04-30	1	-2/+8
\| *	Security: Refuse negative and large store allocations	Qualys Security Advisory	2021-04-30	1	-1/+28
\| *	CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()	Qualys Security Advisory	2021-04-30	1	-3/+6
\| *	CVE-2020-28011: Heap buffer overflow in queue_run()	Qualys Security Advisory	2021-04-30	1	-4/+10
\| *	CVE-2020-28010: Heap out-of-bounds write in main()	Qualys Security Advisory	2021-04-30	1	-5/+6
\| *	CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()	Qualys Security Advisory	2021-04-30	3	-3/+5
\| *	CVE-2020-28018: Use-after-free in tls-openssl.c	Qualys Security Advisory	2021-04-30	1	-4/+0
\| *	CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()	Qualys Security Advisory	2021-04-30	1	-3/+3
\|/
*	CHUNKING: fix all-RCPTs-rejected, non-pipelined. Bug 2454	Jeremy Harris	2019-10-19	5	-25/+75
*	Fix errorcheck in smtp transport	Jeremy Harris	2019-10-12	1	-1/+1
*	Testsuite: avoid picking 0.0.0.0 as the HOSTIPV4; permit 10.0/8 apart from 10...	Jeremy Harris	2019-09-29	2	-2/+4
*	fixup! exim_dbmbuild: handle { '\\', '\0' } sequence.	Heiko Schlittermann (HS12-RIPE)	2019-09-29	1	-1/+1
*	exim_dbmbuild: handle { '\\', '\0' } sequence.	Heiko Schlittermann (HS12-RIPE)	2019-09-29	1	-0/+1
*	Fix ${domain:} for a bare local-part input. Bug 2375	Jeremy Harris	2019-09-29	3	-5/+10
*	Auth: handle socket read errors in Dovecot authenticator	Bruce Lee	2019-09-29	1	-2/+2
*	Fix crash after TLS channel shutdown	Jeremy Harris	2019-09-29	3	-52/+39
*	Fix bounce generation under RFC 3461 request. Bug 2411	Jeremy Harris	2019-09-29	6	-1/+105
*	Fix DSN Final-Recipient: field	Jeremy Harris	2019-09-29	16	-50/+66
*	Unbreak heimdal_gssapi auth driver	Phil Pennock	2019-09-29	2	-2/+3
*	Fix detection of 32b platform at build time. Bug 2405	Jeremy Harris	2019-09-29	3	-73/+83
*	Use dsn_from for success-DSN messages. Bug 2404	Jeremy Harris	2019-09-29	2	-2/+6
*	GnuTLS: fix the advertising of acceptable certs by the server. Bug 2389	Jeremy Harris	2019-09-29	2	-0/+12
*	Fix listing a named queue by a non-admin user. Bug 2398	Jeremy Harris	2019-09-29	2	-12/+17
*	GnuTLS: fix $tls_out_ocsp under hosts_request_ocsp	Jeremy Harris	2019-09-29	4	-9/+16
*	Testsuite: GnuTLS version variances	Jeremy Harris	2019-09-29	3	-16/+8
*	Testsuite: avoid recent-perl feature use	Jeremy Harris	2019-09-29	1	-1/+1
*	GnuTLS 3.6.7 cipher strings	Jeremy Harris	2019-09-29	5	-29/+89
*	Testsuite: output changes resulting	Jeremy Harris	2019-09-29	1	-1/+1