Bug#985450: buster-pu: package exim4/4.92-8+deb10u5
Control: tags -1 + confirmed
On Thu, 2021-03-18 at 13:53 +0100, Andreas Metzler wrote:
> I would like to fix two issues in buster:
> #1 Fix use of concurrent TLS connections under GnuTLS. When a
> callout was
> done during a receiving connection, and both used TLS, global info
> was
> used rather than per-connection info for tracking the state of
> data
> queued for transmission. This could result in a connection hang.
>
> #2 Fix issues related to certificate checking:
> a) Cherry-pick a bugfix to get proper hostname checking with CNAMES.
> Without this patch when connecting to a CNAME the server provided
> cert
> is checked against the A record instead of the original cname.
> #985243
>
> b) Document limitation/extent of server certificate checking that is
> done by default and how to change it. #985244 and #985344
>
Please go ahead.
Regards,
Adam
Reply to: