delta/exim4.git - git.exim.org: exim.git

	Commit message (Expand)	Author	Age	Files	Lines
...
*	Fix SSL creds file watching on kevent platforms (BSDs) for symlinks	Jeremy Harris	2021-06-05	1	-7/+10
*	DMARC: note unsupported library versions issue	Jeremy Harris	2021-06-04	2	-0/+7
*	debug: fix openssl output	Jeremy Harris	2021-06-04	4	-17/+24
*	Testsuite: regen certificates suite with fixed Authority Identifier	Jeremy Harris	2021-06-04	515	-4594/+4782
*	DKIM: under GnuTLS, permit weak algorithms	Jeremy Harris	2021-06-03	1	-1/+2
*	Testsuite: use higher-spec certs, for more-recent GnuTLS versions which depre...	Jeremy Harris	2021-06-03	22	-91/+59
*	tidying	Jeremy Harris	2021-05-28	1	-19/+13
*	Update testcase output to match newly applied default config limit	Jeremy Harris	2021-05-28	1	-4/+4
*	Fix testsuite output for DB cases	Jeremy Harris	2021-05-28	6	-6/+0
*	tidying	Jeremy Harris	2021-05-28	1	-30/+24
*	Logging: avoid pause during log-open under testsuite	Jeremy Harris	2021-05-28	1	-1/+1
*	Fix dmarc build	Jeremy Harris	2021-05-28	2	-2/+2
*	Docs: enhance section on redirect router :defer: & :fail:	Jeremy Harris	2021-05-28	1	-1/+1
*	Merge branch 'qualys-2020'	Heiko Schlittermann (HS12-RIPE)	2021-05-27	75	-696/+1473
\|\
\| *	Fix BDAT issue for body w/o trailing CRLF (again Bug 1974)	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-0/+1
\| *	testsuite: reproduce BDAT with missing eol (Bug 1974)	Heiko Schlittermann (HS12-RIPE)	2021-05-27	3	-10/+73
\| *	Cleanup docs on cve-2020-qualys, point to the Exim website	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-0/+2
\| *	rewrite: revert to unchecked result of parse_extract_address()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-1/+17
\| *	Honour the outcome of parse_extract_address(), testsuite 471	Heiko Schlittermann (HS12-RIPE)	2021-05-27	6	-16/+110
\| *	Update upgrade notes and source about use of seteuid()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	2	-10/+14
\| *	CVE-2020-28007: Link attack in Exim's log directory	Qualys Security Advisory	2021-05-27	5	-97/+146
\| *	CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-3/+3
\| *	SECURITY: Avoid modification of constant data in dkim handling	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-5/+5
\| *	SECURITY: Leave a clean smtp_out input buffer even in case of read error	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-1/+2
\| *	SECURITY: Always exit when LOG_PANIC_DIE is set	Qualys Security Advisory	2021-05-27	2	-0/+5
\| *	CVE-2020-28012: Missing close-on-exec flag for privileged pipe	Qualys Security Advisory	2021-05-27	2	-0/+8
\| *	CVE-2020-28024: Heap buffer underflow in smtp_ungetc()	Qualys Security Advisory	2021-05-27	2	-0/+6
\| *	CVE-2020-28009: Integer overflow in get_stdinput()	Qualys Security Advisory	2021-05-27	1	-1/+18
\| *	CVE-2020-28015+28021: New-line injection into spool header file	Qualys Security Advisory	2021-05-27	1	-5/+18
\| *	CVE-2020-28026: Line truncation and injection in spool_read_header()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-16/+32
\| *	CVE-2020-28022: Heap out-of-bounds read and write in extract_option()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-9/+14
\| *	CVE-2020-28017: Integer overflow in receive_add_recipient()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-6/+6
\| *	SECURITY: Refuse negative and large store allocations	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-6/+12
\| *	CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-6/+1
\| *	CVE-2020-28011: Heap buffer overflow in queue_run()	Qualys Security Advisory	2021-05-27	1	-4/+10
\| *	CVE-2020-28010: Heap out-of-bounds write in main()	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-6/+3
\| *	CVE-2020-28018: Use-after-free in tls-openssl.c	Qualys Security Advisory	2021-05-27	1	-4/+0
\| *	CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()	Qualys Security Advisory	2021-05-27	1	-1/+1
\| *	CVE-2020-28014, CVE-2021-27216: PID file handling	Heiko Schlittermann (HS12-RIPE)	2021-05-27	4	-47/+149
\| *	Add priv.c: reworked version of priv dropping code	Heiko Schlittermann (HS12-RIPE)	2021-05-27	14	-73/+81
\| *	CVE-2020-28008: Assorted attacks in Exim's spool directory	Heiko Schlittermann (HS12-RIPE)	2021-05-27	2	-51/+68
\| *	CVE-2020-28019: Failure to reset function pointer after BDAT error	Jeremy Harris	2021-05-27	1	-1/+14
\| *	SECURITY: smtp_out: Leave a clean input buffer, even in case of read error	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-2/+3
\| *	SECURITY: Avoid modification of constant data	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-8/+9
\| *	SECURITY: Avoid memory corruption in dkim handling	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-6/+8
\| *	SECURITY: Avoid decrement of dkim_collect_input if already at 0	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-1/+1
\| *	SECURITY: Check overrun rcpt_count integer	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-1/+5
\| *	SECURITY: Fix safeguard against upward traversal in msglog files.	Heiko Schlittermann (HS12-RIPE)	2021-05-27	2	-1/+3
\| *	SECURITY: Don't miss the very last byte when reading long lines from -H	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-1/+1
\| *	SECURITY: off-by-one in smtp transport (read response)	Heiko Schlittermann (HS12-RIPE)	2021-05-27	1	-2/+2