+exim4 (4.87-3) unstable; urgency=medium
+
+ Starting with 4.87~RC1-1 exim will not accept or send out messages with
+ physical lines longer than 998 characters by SMTP DATA. Delivery of such
+ RFC-violating message might fail and subsequently cause routing errors and
+ loss of legitimate mail. See <https://bugs.exim.org/show_bug.cgi?id=1684>.
+ This limit can be disabled by setting the macro
+ IGNORE_SMTP_LINE_LENGTH_LIMIT.
+
+ -- Andreas Metzler <ametzler@debian.org> Sun, 08 May 2016 14:03:10 +0200
+
+exim4 (4.87-2) unstable; urgency=medium
+
+ exim4-daemon heavy does not support the "demime" ACL condition
+ (WITH_OLD_DEMIME) anymore. It was superceded by the acl_smtp_mime ACL and
+ will not be part of the next upstream release.
+
+ -- Andreas Metzler <ametzler@debian.org> Sat, 30 Apr 2016 13:38:29 +0200
+
+exim4 (4.87~RC6-3) unstable; urgency=medium
+
+ As part of the fix for CVE-2016-1531 updated Exim versions clean
+ the complete execution environment by default, affecting Exim and
+ subprocesses such as routers calling other programs, and thus may break
+ existing installations. New configuration options (keep_environment,
+ add_environment) were introduced to adjust this behavior. Because of the
+ possible breakage Exim will show a runtime warning if keep_environment is
+ not set.
+
+ The Debian exim4 configuration does not rely on specific environment
+ variables and therefore sets 'keep_environment =' (i.e confirm empty
+ environment).
+
+ Users of custom Exim configurations will need to check whether their setup
+ continues to work with the abovementioned upstream change and modify the
+ Exim environment as needed otherwise. If the setup works fine with empty
+ environment it is still necessary to set the main configuration option
+ "keep_environment =" to quiet the runtime warning.
+
+ See <https://exim.org/static/doc/CVE-2016-1531.txt> for details.
+
+ -- Andreas Metzler <ametzler@debian.org> Wed, 23 Mar 2016 18:44:22 +0100
+
+exim4 (4.80~rc6-1) experimental; urgency=low
+
+ Upstream's handling of GnuTLS DH parameters has changed, hardcoded
+ parameters (from RFCs are used by default. See
+ /usr/share/doc/exim4-base/README.UPDATING* for details. Stop shipping
+ /usr/share/exim4/exim4_refresh_gnutls-params /usr/share/exim4/timeout.pl
+ and /var/spool/exim4/gnutls-params-2236.
+
+ -- Andreas Metzler <ametzler@debian.org> Sun, 27 May 2012 18:46:48 +0200
+
+exim4 (4.80~rc2-1) experimental; urgency=low
+
+ Ldap lookups returning multi-valued attributes now separate the attributes
+ with only a comma, not a comma-space sequence.
+
+ The GnuTLS support has been mostly rewritten. exim main configuration
+ options gnutls_require_kx, gnutls_require_mac and gnutls_require_protocols,
+ are no longer supported. (They are ignored if present now, but will trigger
+ an error in later releases.) Their functionality is entirely subsumed into
+ tls_require_ciphers. In turn, tls_require_ciphers is no longer an Exim list
+ and is not parsed by Exim, but is instead given to gnutls_priority_init(3).
+
+ See /exim4-base/usr/share/doc/exim4-base/README.UPDATING.gz for details.
+
+ -- Andreas Metzler <ametzler@debian.org> Sat, 22 Oct 2011 19:16:58 +0200
+
+exim4 (4.77~rc4-1) experimental; urgency=low
+
+ Exim no longer performs string expansion on the second string of
+ the match_* expansion conditions: "match_address", "match_domain",
+ "match_ip" & "match_local_part". Named lists can still be used.
+
+ The previous behavior made it too easy to create (remotely) vulnerable
+ configurations. A more detailed rationale and explanation can be found on
+ https://lists.exim.org/lurker/message/20111003.122326.fbcf32b7.en.html
+
+ -- Andreas Metzler <ametzler@debian.org> Thu, 05 Oct 2011 19:22:52 +0200
+
+exim4 (4.72-3) unstable; urgency=low
+
+ Exim versions up to and including 4.72 are vulnerable to CVE-2010-4345.
+ This is a privilege escalation issue that allows the exim user to gain
+ root privileges by specifying an alternate configuration file using the -C
+ option. The macro override facility (-D) might also be misused for this
+ purpose.
+
+ In reaction to this security vulnerability upstream has made a number of
+ user visible changes. This package includes these changes.
+ ---------------------------------------------------------
+ If exim is invoked with the -C or -D option the daemon will not regain
+ root privileges though re-execution. This is usually necessary for local
+ delivery, though. Therefore it is generally not possible anymore to run an
+ exim daemon with -D or -C options.
+
+ However this version of exim has been built with
+ TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. TRUSTED_CONFIG_LIST
+ defines a list of configuration files which are trusted; if a config file
+ is owned by root and matches a pathname in the list, then it may be
+ invoked by the Exim build-time user without Exim relinquishing root
+ privileges.
+
+ As a hotfix to not break existing installations of mailscanner we have
+ also set WHITELIST_D_MACROS=OUTGOING. i.e. it is still possible to start
+ exim with -DOUTGOING while being able to do local deliveries.
+
+ If you previously were using -D switches you will need to change your
+ setup to use a separate configuration file. The ".include" mechanism
+ makes this easy.
+ ---------------------------------------------------------
+ The system filter is run as exim_user instead of root by default. If your
+ setup requies root privileges when running the system filter you will
+ need to set the system_filter_user exim main configuration option.
+ ---------------------------------------------------------
+
+ -- Andreas Metzler <ametzler@debian.org> Sat, 18 Dec 2010 18:57:16 +0100
+
+exim4 (4.69-4) unstable; urgency=low
+
+ In reaction to #475194, the size of the Diffie-Hellman parameters
+ used by exim was increased to 2048, which is GnuTLS's default.
+
+ Since periodically regenerating the Diffie-Hellman parameters
+ doesn't increase security that much (they're sent in clear text in the
+ TLS handshake, and some protocols even have hardcoded them in the
+ standard document), and automatically generating 2048 bits
+ Diffie-Hellman parameters can take a long time, this has been disabled
+ in the Exim4 packages starting with 4.69-4. All exim installations
+ will thus run with the Diffie-Hellman parameters shipped in the
+ package by default.
+
+ Really, really paranoid people with sufficiently fast machines will
+ want to set up a cron job calling
+ /usr/share/exim4/exim4_refresh_gnutls-params manually - suggested
+ interval is weekly or monthly.
+
+ -- Marc Haber <mh+debian-packages@zugschlus.de> Sun, 27 Apr 2008 09:14:32 +0200
+
exim4 (4.68-1) unstable; urgency=low
In order to fix #420217, the handling of incoming messages to
-- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 29 Apr 2006 22:36:31 +0000
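
Review bot: the 4.72-3 entry describes the ownership check only for the configuration files listed in TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs; it should also state the requirement on /etc/exim4/trusted_configs itself, because a list file the exim user could write would let that user add a configuration of its own and reopen the -C escalation path (CVE-2010-4345) the entry is explaining. In the same entry, WHITELIST_D_MACROS=OUTGOING is presented as a hotfix, but since the entry also says -D "might also be misused" for the same escalation, it should say what values -DOUTGOING may carry when whitelisted, or at least make clear that the whitelist is an exception to the -D restriction and not a restoration of it. The 4.80~rc6-1 entry stops shipping /usr/share/exim4/exim4_refresh_gnutls-params and /var/spool/exim4/gnutls-params-2236, while the older 4.69-4 entry still tells admins to call that script from a cron job; the newer entry should tell anyone who followed that advice to remove the cron job, otherwise it fails on every run. The 4.80~rc2-1 entry points at "/exim4-base/usr/share/doc/exim4-base/README.UPDATING.gz", which has a stray "/exim4-base/" prefix compared with the path given in 4.80~rc6-1. In 4.87-3, saying where IGNORE_SMTP_LINE_LENGTH_LIMIT is meant to be defined, and that defining it makes exim accept the over-long messages that the same entry says may later fail to deliver, would make the trade-off explicit. Wording: "(from RFCs are used by default" is missing its closing parenthesis, "though re-execution" should be "through re-execution", "superceded" and "requies" are misspelt, and "Thu, 05 Oct 2011" is wrong (5 October 2011 was a Wednesday).
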
+exim4 (4.60-2) unstable; urgency=low
+
+ The exim4 daemon packages now include a symlink from
+ /usr/sbin/exim4 to /usr/sbin/exim. This can break exim 3 cron and
+ init scripts if the last exim 3 you had installed was any earlier
+ than 3.36-5 and the conffiles from your exim 3 package are still
+ around. Be sure to have any exim 4 earlier than 3.36-5 _purged_
+ (not removed) before installing this package.
+
+ -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 24 Jan 2006 14:58:08 +0100
+
exim4 (4.50-5) unstable; urgency=low
mailname, the local name of the system used to qualify senders and
-- Andreas Metzler <ametzler@debian.org> Wed, 12 May 2004 13:42:23 +0200
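
Review bot: in the 4.60-2 entry, "Be sure to have any exim 4 earlier than 3.36-5 _purged_" should read "exim 3": the preceding sentence identifies 3.36-5 as an exim 3 version, and no exim 4 package is earlier than it, so the instruction as written cannot be followed. Naming the exim 3 conffiles (the cron and init scripts) that the new /usr/sbin/exim4 symlink trips over would let an admin check a removed-but-not-purged install before upgrading. Minor: 24 January 2006 was a Tuesday, not "Wed".
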
+exim4 (4.31-2) unstable; urgency=low
+
+ The local_scan perl-plugin has been removed because upstream
+ development has stopped. (am)
+
+ -- Andreas Metzler <ametzler@debian.org> Mon, 5 Apr 2004 15:55:12 +0200
+
exim4 (4.30-5) unstable; urgency=low
(Re)introduce /etc/exim4/exim4.conf.template as alternative to the
-- Andreas Metzler <ametzler@debian.org> Sun, 11 Jan 2004 13:03:43 +0100
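
Review bot: the 4.31-2 entry says the local_scan perl plugin was removed but not what a configuration that used it should do, which is the one thing a NEWS entry for a removed feature needs; it should name the option or daemon variant affected and say what happens at startup to a configuration that still references the plugin. The trailing "(am)" duplicates the maintainer signature line below it and should be dropped.
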
+exim4 (4.30-1) unstable; urgency=low
+
+ * Exim now runs under its own uid (Debian-exim) instead of using mail:mail.
+
+ WARNING: You cannot downgrade this version to an older one without
+ manual chown|chrgrp all files owned by Debian-exim to mail.
+
+ Securitywise this is a tradeoff:
+ - if exim is SUID root and runs without deliver_drop_privilege you win:
+ exim's internal data in /var/spool/exim4 is not open to attacks by
+ bugs in programs SGID mail (mail delivery agents like deliver or
+ procmail, or MUAs like pine) anymore. This is Debian's default setup.
+ - OTOH if you need to be able to make local deliveries to /var/mail and
+ want to run exim with reduced priviledge you have some additional work
+ to do:
+ * Use an SGID MDA for the actual delivery (I suggest maildrop.)
+ * Make changes to run exim4 under group mail:
+ - exim_group=mail.
+ - Hack: make Debian-exim a group with gid=8, i.e. an alias for
+ the mail group, _before_ you make the upgrade. (groupadd -o -g 8
+ Debian-exim)
+
+ -- Andreas Metzler <ametzler@debian.org> Sun, 7 Dec 2003 13:59:46 +0100
+
+exim4 (4.24-1) unstable; urgency=low
+
+ * This version of exim cannot run deliveries as root anymore, see change
+ 5a for exim 4.23 in /usr/share/doc/exim4-base/changelog.gz. If you
+ don't redirect mail for root via /etc/aliases to a nonpriviledged
+ account the mail will be delivered to /var/mail/mail with permissions
+ 0600 and owner mail:mail.
+
+ -- Andreas Metzler <ametzler@debian.org> Fri, 3 Oct 2003 18:11:17 +0200
+
+exim4 (4.22-2) unstable; urgency=low
+
+ Include exiscan-acl patch http://duncanthrax.net/exiscan-acl/ in
+ -heavy and -custom for easy integration of content-scanning and
+ invoking spamassassin at SMTP time.
+
+ -- Andreas Metzler <ametzler@debian.org> Wed, 27 Aug 2003 12:50:59 +0200
+
+exim4 (4.22-1) unstable; urgency=low
+
+ * The way that the $h_ (and $header_) expansions work has been changed
+ by the addition of RFC 2047 decoding. See the main documentation (the
+ NewStuff file until release 4.30, then the manual) for full details.
+
+ Exim shipped with Debian defaults to HEADER_DECODE_TO="UTF-8"
+
+ -- Andreas Metzler <ametzler@debian.org> Mon, 18 Aug 2003 16:51:47 +0200
+
exim4 (4.20-2) unstable; urgency=low
Rewriting now uses /etc/email-addresses instead of
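
Review bot: in the 4.30-1 entry, the "Hack" of creating Debian-exim with gid 8 (groupadd -o -g 8 Debian-exim) should be flagged as giving back exactly what the first bullet says the uid change buys: with Debian-exim aliased to the mail group, programs that are SGID mail regain group access to exim's data in /var/spool/exim4, so the entry should present the hack as a deliberate trade of that isolation for /var/mail delivery and recommend the SGID MDA route first. In the same entry "chown|chrgrp" should be "chown|chgrp", and "priviledge" (here) and "nonpriviledged" (4.24-1) are misspelt. The 4.24-1 entry says undelivered root mail lands in /var/mail/mail owned mail:mail; after 4.30-1 exim no longer runs as mail, so a reader upgrading past both entries cannot tell which owner applies now, and a cross-reference between the two entries would resolve that. In 4.22-1, the RFC 2047 decoding of $h_ and $header_ expansions with HEADER_DECODE_TO="UTF-8" changes the values existing ACLs and filters compare against; the entry should say so and tell users to retest conditions that match on raw header text.
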