summaryrefslogtreecommitdiff
path: root/debian/exim4-base.NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'debian/exim4-base.NEWS')
-rw-r--r--debian/exim4-base.NEWS43
1 files changed, 43 insertions, 0 deletions
diff --git a/debian/exim4-base.NEWS b/debian/exim4-base.NEWS
new file mode 100644
index 0000000..b54a5d3
--- /dev/null
+++ b/debian/exim4-base.NEWS
@@ -0,0 +1,43 @@
+exim4 (4.30-1) unstable; urgency=low
+
+ * Exim now runs under its own uid (Debian-exim) instead of using mail:mail.
+
+ WARNING: You cannot downgrade this version to an older one without
+ manual chown|chrgrp all files owned by Debian-exim to mail.
+
+ Securitywise this is a tradeoff:
+ - if exim is SUID root and runs without deliver_drop_privilege you win:
+ exim's internal data in /var/spool/exim4 is not open to attacks by
+ bugs in programs SGID mail (mail delivery agents like deliver or
+ procmail, or MUAs like pine) anymore. This is Debians default setup.
+ - OTOH if you need to be able to make local deliveries to /var/mail and
+ want to run exim with reduced priviledge you have some additional work
+ to do:
+ * Use an SGID MDA for the actual delivery (I suggest maildrop.)
+ * Make changes to run exim4 under group mail:
+ - exim_group=mail.
+ - Hack: make Debian-exim a group with gid=8, i.e. an alias for
+ the mail group, _before_ you make the upgrade. (groupadd -o -g 8
+ Debian-exim)
+
+ -- Andreas Metzler <ametzler@debian.org> Sun, 7 Dec 2003 13:59:46 +0100
+
+exim4 (4.24-1) unstable; urgency=low
+
+ * This version of exim cannot run deliveries as root anymore, see change
+ 5a for exim 4.23 in /usr/share/doc/exim4-base/changelog.gz. If you
+ don't redirect mail for root via /etc/aliases to a nonpriviledged
+ account the mail will be delivered to /var/mail/mail with permissions
+ 0600 and owner mail:mail.
+
+ -- Andreas Metzler <ametzler@debian.org> Fri, 3 Oct 2003 18:11:17 +0200
+
+exim4 (4.22-1) unstable; urgency=low
+
+ * The way that the $h_ (and $header_) expansions work has been changed
+ by the addition of RFC 2047 decoding. See the main documentation (the
+ NewStuff file until release 4.30, then the manual) for full details.
+
+ Exim shipped with Debian defaults to HEADER_DECODE_TO="UTF-8"
+
+ -- Andreas Metzler <ametzler@debian.org> Mon, 18 Aug 2003 16:51:47 +0200
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-02 15:05:26 +0000