Package: exim4 / 4.84.2-2+deb8u5

Metadata

Package Version Patches format
exim4 4.84.2-2+deb8u5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
31_eximmanpage.dpatch | (download)

doc/exim.8 | 76 48 + 28 - 0 !
1 file changed, 48 insertions(+), 28 deletions(-)

 we ship the binary as exim4 instead of exim, fix manpage
 accordingly.
32_exim4.dpatch | (download)

OS/Makefile-Linux | 4 2 + 2 - 0 !
src/exicyclog.src | 2 1 + 1 - 0 !
src/exim_checkaccess.src | 2 1 + 1 - 0 !
src/eximon.src | 2 1 + 1 - 0 !
src/exinext.src | 4 2 + 2 - 0 !
src/exiqgrep.src | 2 1 + 1 - 0 !
src/exiwhat.src | 2 1 + 1 - 0 !
src/globals.c | 2 1 + 1 - 0 !
8 files changed, 10 insertions(+), 10 deletions(-)

 accomodate source for installing exim as exim4.
33_eximon.binary.dpatch | (download)

OS/eximon.conf-Default | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
34_eximstatsmanpage.dpatch | (download)

src/eximstats.src | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 add note about installing perl-modules on debian to
 generated manpage
35_install.dpatch | (download)

scripts/exim_install | 15 7 + 8 - 0 !
1 file changed, 7 insertions(+), 8 deletions(-)

 exim's installation scripts install the binary as
 exim-<version> - disable this feature.
50_localscan_dlopen.dpatch | (download)

src/EDITME | 15 15 + 0 - 0 !
src/config.h.defaults | 2 2 + 0 - 0 !
src/globals.c | 4 4 + 0 - 0 !
src/globals.h | 3 3 + 0 - 0 !
src/local_scan.c | 165 118 + 47 - 0 !
src/local_scan.h | 3 3 + 0 - 0 !
src/readconf.c | 3 3 + 0 - 0 !
7 files changed, 148 insertions(+), 47 deletions(-)

 allow to use and switch between different local_scan functions
 without recompiling exim.
 http://marc.merlins.org/linux/exim/files/sa-exim-current/ Original patch from
 David Woodhouse, modified first by Derrick 'dman' Hudson and then by Marc
 MERLIN for SA-Exim and minor/major API version tracking
60_convert4r4.dpatch | (download)

src/convert4r4.src | 26 26 + 0 - 0 !
1 file changed, 26 insertions(+)

 add a warning message to convert4r4
66_enlarge dh parameters size.dpatch | (download)

src/tls-gnu.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 enlarge default server side size of dh parameters to 2048
 from 1024. This patch has no effect if building against gnutls >= 2.12,
 because exim is using gnutls_sec_param_to_pk_bits() to get correct number
 of dh_bits when built against newer gnutls-versions.
67_unnecessaryCopt.diff | (download)

src/exicyclog.src | 4 2 + 2 - 0 !
src/eximon.src | 4 2 + 2 - 0 !
src/exinext.src | 6 3 + 3 - 0 !
src/exiwhat.src | 4 2 + 2 - 0 !
4 files changed, 9 insertions(+), 9 deletions(-)

 stop using exim's -c option in utility scripts (exiwhat
  et al.) since this breaks with ALT_CONFIG_PREFIX.
70_remove_exim users_references.dpatch | (download)

README | 12 10 + 2 - 0 !
src/eximstats.src | 3 1 + 2 - 0 !
2 files changed, 11 insertions(+), 4 deletions(-)

---
80_mime_empty_charset.diff | (download)

src/mime.c | 18 12 + 6 - 0 !
src/mime.h | 10 5 + 5 - 0 !
2 files changed, 17 insertions(+), 11 deletions(-)

 [patch] fix crash in mime acl when a parameter is zero-length


81_buffer overrun in spam acl.diff | (download)

src/spam.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 [patch] fix buffer overrun in spam= acl condition.  bug 1552


82_quoted or r 2047 encoded.diff | (download)

src/mime.c | 103 56 + 47 - 0 !
1 file changed, 56 insertions(+), 47 deletions(-)

 [patch] account properly for quoted or 2047-encoded mime parameters
 while walking headers. Bug 1558


83_Remove limit on remove_headers item size. Bug 1533.patch | (download)

src/transport.c | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 [patch] remove limit on remove_headers item size. bug 1533


84_Fix truncation of items in headers_remove lists this.patch | (download)

src/routers/rf_get_munge_headers.c | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 [patch] fix truncation of items in headers_remove lists, this time in
 routers.  Bug 1533


85_Fix crash in mime acl when a parameter is unterminat.patch | (download)

src/mime.c | 33 11 + 22 - 0 !
1 file changed, 11 insertions(+), 22 deletions(-)

 [patch] fix crash in mime acl when a parameter is unterminated

Verified-by: Wolfgang Breyha <wbreyha@gmx.net>

86_Avoid crash with badly terminated non recognised mim.patch | (download)

src/mime.c | 18 11 + 7 - 0 !
1 file changed, 11 insertions(+), 7 deletions(-)

 [patch] avoid crash with badly-terminated non-recognised mime
 parameter


87_Fix transport results pipe for multiple recipients c.patch | (download)

src/deliver.c | 158 118 + 40 - 0 !
src/macros.h | 4 4 + 0 - 0 !
2 files changed, 122 insertions(+), 40 deletions(-)

 [patch] fix transport-results pipe for multiple recipients combined
 with certs.

The previous parsing failed when a result item split over a buffer boundary;
fix by prefixing sizes to items, and checking enough has been read as the
initial parsing stage.

89_01_only_warn_on_nonempty_environment.diff | (download)

doc/spec.txt | 6 4 + 2 - 0 !
src/readconf.c | 6 3 + 3 - 0 !
2 files changed, 7 insertions(+), 5 deletions(-)

 don't issue env warning if env is empty
 keep_environment needs to be mentioned in the runtime config.
 Setting add_environment isn't enough to suppress the warning.

 (cherry picked from commit 8e58ed807c77febfde61d3cf47928302f93cc99c)
89_01_p_Delay chdir until we opened the main config.patch | (download)

doc/spec.txt | 2 0 + 2 - 0 !
src/exim.c | 13 6 + 7 - 0 !
src/readconf.c | 17 9 + 8 - 0 !
3 files changed, 15 insertions(+), 17 deletions(-)

 [patch] delay chdir(/) until we opened the main config


89_02_Store the initial working directory.diff | (download)

doc/spec.txt | 7 7 + 0 - 0 !
src/exim.c | 12 10 + 2 - 0 !
src/expand.c | 1 1 + 0 - 0 !
src/globals.c | 1 1 + 0 - 0 !
src/globals.h | 1 1 + 0 - 0 !
5 files changed, 20 insertions(+), 2 deletions(-)

 store the initial working directory, expand $initial_cwd.
 Bug 1805 https://bugs.exim.org/show_bug.cgi?id=1805
90_Cutthrough Fix bug with dot only line.patch | (download)

src/receive.c | 10 9 + 1 - 0 !
1 file changed, 9 insertions(+), 1 deletion(-)

 [patch] cutthrough: fix bug with dot-only line
 JH/38 Fix cutthrough bug with body lines having a single dot. The dot was
      incorrectly not doubled on cutthrough transmission, hence seen as a
      body-termination at the receiving system - resulting in truncated mails.
      Commonly the sender saw a TCP-level error, and retransmitted the nessage
      via the normal store-and-forward channel. This could result in duplicates
      received - but deduplicating mailstores were liable to retain only the
      initial truncated version.
 (cherry picked from commit 1bc460a64a0de0766d21f4f8660c6597bc410cbc)


91_Expansions Fix crash in crypteq On OpenBSD a bad sec.patch | (download)

src/expand.c | 14 11 + 3 - 0 !
1 file changed, 11 insertions(+), 3 deletions(-)

 [patch] expansions: fix crash in crypteq: on openbsd a bad second-arg
 results in an error-return from crypt().  Errorcheck that return.


92_CVE 2016 1238.diff | (download)

src/eximstats.src | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

---
93_CVE 2016 9963 Fix DKIM information leakage.patch | (download)

src/dkim.c | 2 2 + 0 - 0 !
src/transports/smtp.c | 4 3 + 1 - 0 !
2 files changed, 5 insertions(+), 1 deletion(-)

 [patch 1/2] fix dkim information leakage


94_Fix memory leak on Gnu TLS close.patch | (download)

src/tls-gnu.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 [patch] fix memory leak on (gnu)tls close.

This leak doesn't show up under normal operation, as the process
normally dies right after closing the session.

But during callout repetitive TLS sessions are opened and closed from
the same process (the process receiving the message). Depending on
the amount of RAM and the number of callouts the same process does,
this may be a problem. (On an amd64 machine with 4GB RAM, at about 1000
recipients the memory is exhausted.)

(cherry picked from commit ed62aae3051c9a713d35c8ae516fbd193d1401ba)

95_CVE 2017 1000369.patch | (download)

src/exim.c | 19 17 + 2 - 0 !
1 file changed, 17 insertions(+), 2 deletions(-)

---
96_Fix base64d buffer size CVE 2018 6789.patch | (download)

src/auths/b64decode.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 fix base64d() buffer size (cve-2018-6789)
 Credits for discovering this bug: Meh Chang <meh@devco.re>