Overview
Request 242387 superseded
- Add silence-static-checkers_beo1506.patch; (beo#1506).
- update to 4.83
This release of Exim includes one incompatible fix:
+ the behavior of expansion of arguments to math comparison functions
(<, <=, =, =>, >) was unexpected, expanding the values twice;
CVE-2014-2972; (bnc#888520)
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
- Verify source tar ball gpg signature.
- Refresh exim-enable_ecdh_openssl.patch and strip version number from the
patch filename.
The next two are a change log merge only. These two references got
somehow lost in the past.
- Fixed another remote code execution issue (CVE-2011-1407 / bnc#694798)
- Fixed STARTTLS command injection (bnc#695144)
- Created by lmuelle
- In state superseded
- Supersedes 242363
- Superseded by 242388
- Open review for opensuse-review-team
- Open review for factory-repo-checker
- Open review for factory-staging
Request History
lmuelle created request
- Add silence-static-checkers_beo1506.patch; (beo#1506).
- update to 4.83
This release of Exim includes one incompatible fix:
+ the behavior of expansion of arguments to math comparison functions
(<, <=, =, =>, >) was unexpected, expanding the values twice;
CVE-2014-2972; (bnc#888520)
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
- Verify source tar ball gpg signature.
- Refresh exim-enable_ecdh_openssl.patch and strip version number from the
patch filename.
The next two are a change log merge only. These two references got
somehow lost in the past.
- Fixed another remote code execution issue (CVE-2011-1407 / bnc#694798)
- Fixed STARTTLS command injection (bnc#695144)
licensedigger accepted review
{"approve": "version update 4.82 -> 4.83 covered by ldb"}
factory-auto accepted review
Check script succeeded
factory-auto added a reviewer
Please review sources
factory-auto added a reviewer
Please review build success
factory-auto added a reviewer
Pick Staging Project
- Add silence-static-checkers.patch; (beo#1506).
- update to 4.83
This release of Exim includes one incompatible fix:
+ the behavior of expansion of arguments to math comparison functions
(<, <=, =, =>, >) was unexpected, expanding the values twice;
CVE-2014-2972; (bnc#888520)
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
- Verify source tar ball gpg signature.
- Refresh exim-enable_ecdh_openssl.patch and strip version number from the
patch filename.
The next two are a change log merge only. These two references got
somehow lost in the past.
- Fixed another remote code execution issue (CVE-2011-1407 / bnc#694798)
- Fixed STARTTLS command injection (bnc#695144)