Mailing List Archive

Exim 4.95-RC0 released
Hi *

Too much time has gone since 4.94, we released 4.94.2, supported several
fixes for the unofficial 4.94.2+fixes release, fixed the "21 nails" CVEs
and now it is time to prepare Exim 4.95.

As usual we'll publish several release candidates and we ask *you* to do
as much testing as possible and provide us feedback. This covers build
issues with unusual libraries, runtime issues in unusual environments
and any other kind of things that should be fixed.

The Exim 4.95-RC0 is available

- as tarball: https://ftp.exim.org/pub/exim/exim4/test
- directly from Git: https://git.exim.org
tag exim-4.95-RC0

The tarball checksums are signed using the same GPG key as I used to
sign this message (Key-ID: D0BFD6B9ECA5694A6F149DCEAF4CC676A6B6C142),
as the tag and tagged commit are.

There is no feature freeze yet. If you have anything that should make
it into the official release, and is mature enough to be included in
this phase, please contact us.

New stuff we've added since 4.94:

- from previous experimental support:
- fast-ramp queue run
- native SRS
- TLS resumption
- LMDB lookups with single key
- new:
- smtp transport option "message_linelength_limit"
- optionally ignore lookup caches
- quota checking for appendfile transport during message reception
- Sqlite lookups allow a "file=<path>" option
- Lsearch lookups allow a "ret=full" option
- command line option for the notifier socket
- faster TLS startup
- new main config option "proxy_protocol_timeout"
- expand "smtp_accept_max_per_connection"
- log selector "queue_size_exclusive"
- main config option "smtp_backlog_monitor"
- main config option "hosts_require_helo"
- main config option "allow_insecure_tainted_data"

All fixes from the 4.94.2+fixes branch (this includes the "21 nails"
CVEs) are included too.

If you upgrade from previous versions <4.94: the new taint checks are
likely to make your runtime configuration unusable. Read about the
mitigation via the "allow_insecure_tainted_data" first or make your
configuration "taint check proof".

If you upgrade from 4.94.2, nothing should break.

A note on MacOS support: We're not sure about the demand. Please
contact us, in case you need to run Exim on MacOS. We might ask you then for
running a build farm animal and helping us more than usual, as we do not
own a MacOS based machine.


Thank you for using Exim.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -