Oct 02, 2016
2.8.9 - Oct 02, 2016
Note this release contains a major security fix for those using the attachments
plugin. Previous versions of this plugin allowed remote code execution using specially crafted zip files. Users are urged to upgrade as soon as possible.
- Changes
- New Features
- Improvements
- The delay_deny plugin now has a whitelist mode (vs blacklist). #1564
- Don't show the private key in logs for dkim_sign. #1565
- update geoip for compat with newer ES (#1622)
- drop node 0.10 testing / official support (#1621)
- watch plugin displays UUIDs as URL (#1624)
- Catch errors on header decode in rfc2231 #1599
- Attachment plugin updates (#1606)
- add outbound.ini pool_timeout example setting #1584
- Bug Fixes
- Fixed some small documentation issues. #1573, #1616, #1612
- Fixed AUTH PLAIN when it spreads over two lines. #1550
- Fixed dkim_verify calling next() too soon. #1566
- Fixed bugs with outbound pools who shutdown before we QUIT. #1561, #1572
- outbound issues #1615, #1603
- Fixed adding/removing headers in rspamd plugin. #1562
- Fixed process_title not shutting down. #1560
- fix a spurious error emitted by p0f (#1623)
- fix header version hiding (#1617)
- messagestream returns destination (#1610)
- plugins.getdenyfn now passed 3rd params arg (#1591)
- Fix scope of spf logdebug (#1598)
- fix rabbitmq deliveryMode bug (#1594)
- fix dkim_sign TypeError with null mail_from.host (#1592)
- fix dkim_sign attempting to lower an undefined (#1587)