[exim-dev] Exim 4.82.1 Security Release

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Exim release 4.82.1 is now available from the primary ftp site: * ftp://ftp.exim.org/pub/exim/exim4/exim-4.82.1.tar.gz * ftp://ftp.exim.org/pub/exim/exim4/exim-4.82.1.tar.bz2 _ This is a

[exim-dev] Feature freeze for 4.83

This is the official announcement of feature freeze in the Exim master branch as we begin the RC process for a 4.83 release. Patches will be accepted for minor bugfixes, but no new features should be merged into master. Outstanding patch merges which are already in the Bugzilla are ok if they've

Re: [exim-dev] Exim 4.82.1 Security Release

Todd Lyons wrote, on 28/05/14 14:25: This issue is known by the CVE ID of CVE-2014-2957, was reported directly to the Exim development team by a company which uses Exim for its mail server. An Exim developer constructed a small patch which altered the way the contents of the From header is

[exim-dev] [Bug 1444] non-SMTP without -oi mangles linefeeds on multiple CRLF

--- You are receiving this mail because: --- You are on the CC list for the bug. http://bugs.exim.org/show_bug.cgi?id=1444 Todd Lyons tly...@ivenue.com changed: What|Removed |Added

Re: [exim-dev] Exim 4.82.1 Security Release

On 28/05/14 15:11, Wolfgang Breyha wrote: Todd Lyons wrote, on 28/05/14 14:25: This issue is known by the CVE ID of CVE-2014-2957 Reading the diff... besides the improved coding, was this the same issue also fixed by http://bugs.exim.org/show_bug.cgi?id=1433 ? No. -- Cheers, Jeremy --

Re: [exim-dev] Exim 4.82.1 Security Release

On 2014-05-28 at 16:11 +0200, Wolfgang Breyha wrote: Reading the diff... besides the improved coding, was this the same issue also fixed by http://bugs.exim.org/show_bug.cgi?id=1433 ? Yes, but ... the supposed fix was inadequate. If you have that fix, you're still vulnerable. -- My employer,

[exim-dev] Exim 4.83 RC1 uploaded

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have uploaded Exim 4.83 RC1 to ftp://ftp.exim.org/pub/exim/exim4/test/ It has been 6 months since the last regular release. The RC process was supposed to begin 2 days ago, but a vulnerability and need for a rapid release of a patch diverted

[exim-dev] [Bug 1444] non-SMTP without -oi mangles linefeeds on multiple CRLF

--- You are receiving this mail because: --- You are on the CC list for the bug. http://bugs.exim.org/show_bug.cgi?id=1444 Git Commit g...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1482] smtp_deliver() outbuffer too small

--- You are receiving this mail because: --- You are on the CC list for the bug. http://bugs.exim.org/show_bug.cgi?id=1482 --- Comment #2 from Wolfgang Breyha wbre...@gmx.net 2014-05-28 23:14:53 --- I will try your patch on 4.83_rc1. I already increased outbuffer to 4096 bytes in