summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2021-05-27CVE-2020-28007: Link attack in Exim's log directoryQualys Security Advisory
2021-05-27CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()Heiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Avoid modification of constant data in dkim handlingHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Leave a clean smtp_out input buffer even in case of read errorHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Always exit when LOG_PANIC_DIE is setQualys Security Advisory
2021-05-27CVE-2020-28012: Missing close-on-exec flag for privileged pipeQualys Security Advisory
2021-05-27CVE-2020-28024: Heap buffer underflow in smtp_ungetc()Qualys Security Advisory
2021-05-27CVE-2020-28009: Integer overflow in get_stdinput()Qualys Security Advisory
2021-05-27CVE-2020-28015+28021: New-line injection into spool header fileQualys Security Advisory
2021-05-27CVE-2020-28026: Line truncation and injection in spool_read_header()Heiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28022: Heap out-of-bounds read and write in extract_option()Heiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28017: Integer overflow in receive_add_recipient()Heiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Refuse negative and large store allocationsHeiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()Heiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28011: Heap buffer overflow in queue_run()Qualys Security Advisory
2021-05-27CVE-2020-28010: Heap out-of-bounds write in main()Heiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28018: Use-after-free in tls-openssl.cQualys Security Advisory
2021-05-27CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()Qualys Security Advisory
2021-05-27CVE-2020-28014, CVE-2021-27216: PID file handlingHeiko Schlittermann (HS12-RIPE)
2021-05-27Add priv.c: reworked version of priv dropping codeHeiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28008: Assorted attacks in Exim's spool directoryHeiko Schlittermann (HS12-RIPE)
2021-05-27CVE-2020-28019: Failure to reset function pointer after BDAT errorJeremy Harris
2021-05-27SECURITY: smtp_out: Leave a clean input buffer, even in case of read errorHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Avoid modification of constant dataHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Avoid memory corruption in dkim handlingHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Avoid decrement of dkim_collect_input if already at 0Heiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Check overrun rcpt_count integerHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Fix safeguard against upward traversal in msglog files.Heiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: Don't miss the very last byte when reading long lines from -HHeiko Schlittermann (HS12-RIPE)
2021-05-27SECURITY: off-by-one in smtp transport (read response)Heiko Schlittermann (HS12-RIPE)
2021-05-27Start documenting the things we changed incompatibly.Phil Pennock
2021-05-27Inline four often-called new functionsPhil Pennock
2021-05-27Fixes for compilationJeremy Harris
2021-05-27SECURITY: rework BDAT receive function handlingPhil Pennock
2021-05-27SECURITY: fix SMTP verb option parsingPhil Pennock
2021-05-27SECURITY: Avoid integer overflow on too many recipientsPhil Pennock
2021-05-27SECURITY: default recipients_max to 50,000Phil Pennock
2021-05-27SECURITY: a second negative store guardPhil Pennock
2021-05-27SECURITY: refuse too small store allocationsPhil Pennock
2021-05-27SECURITY: fix Qualys CVE-2020-PFPZAPhil Pennock
2021-05-27SECURITY: fix Qualys CVE-2020-PFPSNPhil Pennock
2021-05-27SECURITY: fix Qualys CVE-2020-SLCWDPhil Pennock
2021-05-27SECURITY: pick up more argv length checksPhil Pennock
2021-05-27SECURITY: length limits on many cmdline optionsPhil Pennock
2021-05-27Re-ran the conversion of all DH parametersPhil Pennock
2021-05-27gen_pkcs3: Terminate string before calling BH_hex2bn()Simon Arlott
2021-05-27Default config: reject on too many bad RCPTPhil Pennock
2021-05-27Handle SIGINT as we do with SIGTERMHeiko Schlittermann (HS12-RIPE)
2021-05-27Enforce pid_file_path start at "/"Heiko Schlittermann (HS12-RIPE)
2021-05-27testsuite: tidy logs/4520 and confs/4520Heiko Schlittermann (HS12-RIPE)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 04:55:03 +0000