2ed86c4d65
* Failure to get a lock on a hints database can have serious consequences so log it to the panic log. * Log LMTP confirmation messages in the same way as SMTP, controlled using the smtp_confirmation log selector. * Include the error message when we fail to unlink a spool file. * Bugzilla 139: Support dynamically loaded lookups as modules. * Bugzilla 139: Documentation and portability issues. Avoid GNU Makefile-isms, let Exim continue to build on BSD. Handle per-OS dynamic-module compilation flags. * Let /dev/null have normal permissions. The 4.73 fixes were a little too stringent and complained about the permissions on /dev/null. Exempt it from some checks. * Report version information for many libraries, including Exim version information for dynamically loaded libraries. Created version.h, now support a version extension string for distributors who patch heavily. Dynamic module ABI change. * CVE-2011-0017 - check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files. * Bugzilla 1041: merged DCC maintainer's fixes for return code. * Bugzilla 1071: fix delivery logging with untrusted macros. If dropping privileges for untrusted macros, we disabled normal logging on the basis that it would fail; for the Exim run-time user, this is not the case, and it resulted in successful deliveries going unlogged. |
||
|---|---|---|
| .. | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||