===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/60.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- www/60.html 2016/08/15 23:16:08 1.55
+++ www/60.html 2016/08/16 02:13:38 1.56
@@ -404,9 +404,39 @@
-
OpenSMTPD 5.9.1
+OpenSMTPD 6.0.0
- - ...
+
- Security:
+
+ - Implement the fork+exec pattern in
+ smtpd(8).
+
- Fix a logic issue in the SMTP state machine that can lead to
+ an invalid state and result in a crash.
+
- Plug a file-pointer leak that can lead to resource exhaustion
+ and result in a crash.
+
- Use automatic DH parameters instead of fixed ones.
+
- Disable DHE by default since it is computationally expensive
+ and a potential DoS vector.
+
+ - The following improvements were brought in this release:
+
+ - Add the -r option to the
+ smtpd(8)
+ enqueuer for compatibility with mailx.
+
- Explicitly enclose SMTP transactions between BEGIN and
+ COMMIT/ROLLBACK filter events.
+
- Add missing date or message-id when listening on the submit
+ port.
+
- Fix "smtpctl show queue" reporting "invalid" envelope state.
+
- Rework the format of the "Received" header so that the TLS
+ part does not violate the RFC.
+
- Increase the number of connections a local address is
+ allowed to establish, and decrease the delay between
+ transactions in the same session.
+
- Properly reset the transaction when a filter rejects a
+ message.
+
- Deal with LMTP servers returning continuation lines.
+