Skip to main content

Momentum 4.4.1 Changelog

Last updated May 2023

This section will list all of the major changes that happened with the release of Momentum 4.4.1. Depending on installation type, all changes may not be applicable

FixSD-2935Crash when outbound_throttle_messages is configured at the same time as core_mailq_throttle_message hook
FixSD-2995soft_bounce functionality periodically tries using an invalid connection handle causing a crash
FixSD-3070Fix transmission_id truncation when calling msg_gen_check_transmission_expiration_hook
FixSD-3167Fixed stack overflow in http2clnt module
FixSD-3263DKIM Oversigning to Avoid Replay Attacks
FixSD-3288Transmission API does not sanity check recipient list for empty array
FixSD-3335, SD-3374, SD-3775Files created from lu_pull are now all owned by ecuser
FixSD-3497DSNs are not Generated when RCPTO is Upper Case
FixSD-3535extract_sender_from_msg moved to msys namespace
FixSD-3606rcpt_to incorrect for "Unconfigured sending domain" rejection events for multi-recipient SMTP injections
FixSD-3619Fix crashes in Sieve when creating new messages
FixSD-3649Upgrade to latest jlog package
FixSD-3685Invalid write in outbound smtp auth when base64 encoded username + password is length of a power of 2
FixSD-3702Incorrect DKIM signature for some large body messages
FixSD-3755Fixed bug that prevented more than one redirect lookup on SPF records
Security FixSD-2871Fix Error "Inconsistent nullness check"
Security FixSD-2873Fix Error " Dead code due to goto or break statement" alert
Security FixSD-2870Fix Error "Duplicate include guard" alert in Momentum
Security FixSD-2846Fix Critical "Non-constant format string" alerts in Momentum
Security FixSD-2847Fix Critical "Use of potentially dangerous function" alerts in Momentum
Security FixSD-2848Fix Critical "Unbounded write" alerts in Momentum
Security FixSD-2849Fix Critical "Potentially overrunning write" alerts in Momentum
Security FixSD-2850Fix critical "Static array access may cause overflow" alerts in Momentum
Security FixSD-2851Fix Critical "Potentially unsafe use of strcat" alerts in Momentum
Security FixSD-3099Fix Critical "Unbounded write" codeQL alert
Security FixSD-2866Fix High "Not enough memory allocated for array of pointer type" alert
Security FixSD-2863Fix High "Overflow in uncontrolled allocation size"
Security FixSD-2864Fix High "Time-of-check time-of-use filesystem race condition"
Security FixSD-2855Fix High "Use of a broken or risky cryptographic algorithm" alert in Momentum
Security FixSD-2856Fix High "Multiplication result converted to larger type" alert
Security FixSD-2857Fix High "Call to alloca in a loop" alert
Security FixSD-2858Fix High "Potentially uninitialized local variable" alerts
Security FixSD-2867Fix High "Array offset used before range check" alert in Momentum
Security FixSD-2868Fix High "Incorrect 'not' operator usage" alert
Security FixSD-2872Fix Warning " Unsigned comparison to zero" alert
Security FixSD-3074Fix Warning "Lossy function result cast"
Security FixSD-2876Fix Warning "Ambiguously signed bit-field member" alert
Security FixSD-2875Fix Warning "Comparison result is always the same" alert
FeatureSD-2751Adjust threshold for triggering automated memory/thread stats collection in panic log
FeatureSD-2764HTTP endpoints to retrieve queue sizes
FeatureSD-3061Update sk_tool so it works with auth login for SP
FeatureSD-3081Add millisecond precision to SMTP tracing
FeatureSD-3087Momentum summary HTTP endpoint
FeatureSD-3093Run lua object -> json string serialization for http responses into a thread pool
FeatureSD-3170Momentum Transmissions API: Allow blank or empty subject header and customer supplied header values
FeatureSD-3206Issues with behavior when STARTTLS is issued on an in-use connection
FeatureSD-3503Prevent protocol deviations related to openssl without the performance impact of SD-2734
FeatureSD-3622Move JSON parsing and utf-8 validation out of CPU thread pool to dedicated thread pool
FeatureSD-3623Improve transmissions API sampling capabilities
FeatureSD-3633Move ET link processing out of CPU thread pool to dedicated thread pool
FeatureSD-3559Only pull necessary fields when validating stored templates for transmissions requests
FeatureSD-3661Empty header fields are stripped from generated messages
Was this page helpful?