| version 1.55, 2016/08/15 23:16:08 |
version 1.56, 2016/08/16 02:13:38 |
|
|
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
| <li>OpenSMTPD 5.9.1 |
<li>OpenSMTPD 6.0.0 |
| <ul> |
<ul> |
| <li>... |
<li>Security: |
| |
<ul> |
| |
<li>Implement the fork+exec pattern in |
| |
<a href="http://man.openbsd.org/smtpd">smtpd(8)</a>. |
| |
<li>Fix a logic issue in the SMTP state machine that can lead to |
| |
an invalid state and result in a crash. |
| |
<li>Plug a file-pointer leak that can lead to resource exhaustion |
| |
and result in a crash. |
| |
<li>Use automatic DH parameters instead of fixed ones. |
| |
<li>Disable DHE by default since it is computationally expensive |
| |
and a potential DoS vector. |
| |
</ul> |
| |
<li>The following improvements were brought in this release: |
| |
<ul> |
| |
<li>Add the <tt>-r</tt> option to the |
| |
<a href="http://man.openbsd.org/smtpd">smtpd(8)</a> |
| |
enqueuer for compatibility with mailx. |
| |
<li>Explicitly enclose SMTP transactions between BEGIN and |
| |
COMMIT/ROLLBACK filter events. |
| |
<li>Add missing date or message-id when listening on the submit |
| |
port. |
| |
<li>Fix "smtpctl show queue" reporting "invalid" envelope state. |
| |
<li>Rework the format of the "Received" header so that the TLS |
| |
part does not violate the RFC. |
| |
<li>Increase the number of connections a local address is |
| |
allowed to establish, and decrease the delay between |
| |
transactions in the same session. |
| |
<li>Properly reset the transaction when a filter rejects a |
| |
message. |
| |
<li>Deal with LMTP servers returning continuation lines. |
| |
</ul> |
| </ul> |
</ul> |
| <p> |
<p> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to 60.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www