hMailServer changelog for 5.6.7

Version 5.6.7 - Build 2415 (2017-07-09)

  • Issue 225: Fixes an issue where TLS would not be used if the sending server did not use the proper syntax for the STARTTLS command.

Version 5.6.7 - Build 2407 (2017-01-26)

  • Various security-related improvements have been made to hMailServer WebAdmin, primarily to reduce the risk of attacks using XSS and CSRF.
  • OpenSSL has been upgraded to 1.0.2k

Version 5.6.7 - Build 2405 (2017-01-06)

  • Issue 208: If the cipher list contains unsupported ciphers, hMailServer will now report an error but continue running. This change will prevent hMailServer from stop working after an upgrade (which previously happened if the cipher list contained ciphers supported in the old but not in the new version)

Version 5.6.7 - Build 2399 (2017-01-03)

  • OpenSSL upgraded from 1.0.1u to 1.0.2j. OpenSSL 1.0.1 is no longer supported by the OpenSSL team (starting 2017-01-01). OpenSSL 1.0.2 contains a lot of changes, for example removal of several weak ciphers. If your cipher list references ciphers which no longer exists, hMailServer will fail to start. This issue will be fixed in the next build.
  • Full change log