Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package exim4:

In the first place it pulls multiple upgrades from upstream's exim-4.92+fixes branch where important post-release fixes are published.

The second notable change is related to sa-exim. Exim in Debian was patched to allow dlopening a localscan() module. The single consumer of this patch in Debian is sa-exim. (The patch also originates there.) The patch in Debian has been nonfunctional in unstable for quite some time (4.92~RC2-1/experimental/18 Dec, 4.92~RC3-1 unstable/26 Dec and buster/03 Jan). The issue only popped up end of March on the upstream user support ML.

Looking at the state of sa-exim (dead upstream since 2006 and buggy: https://lists.exim.org/lurker/message/20180726.113354.6d03efde.en.html #879687) we have decided to stop patching exim, which resulted in 4.92-5, which
- improves the example/docs for content-scanning in exim without sa-exim
- drops the abovementioned patch and the virtual Provides for exim4-localscanapi-2.0 and also drops the exim-dev packages (only needed for sa-exim). Exim now also Conflicts with sa-exim.

unblock exim4/4.92-5

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.'
`I sew his ears on from time to time, sure'
[The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .changes but not in first ----------------------------------------- -rw-r--r-- root/root /usr/lib/debug/.build-id/45/59933d7d0e4800a65884d62d6506ce390b4f07.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/59/55fdc7b64bc2f31b1e0b63c762a57924c2516e.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/5e/f1dbf7d44b659418b55dd4a173cda74ecad278.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/9b/6cfa23511aa8ae2305e45f556cd5238b07f495.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/bb/23e5a1a9f351c2a608d482dfc1e00d9998c629.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/bc/986da4b151ecfa52558aa9c20d03614d31dd25.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/bd/894614600fc329441d05ceb08017719b489417.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/ca/a4ade19a8e042ebf7f9f22782142cbd56bcd2b.debug Files in first .changes but not in second ----------------------------------------- -rw-r--r-- root/root /usr/include/exim4/config.h -rw-r--r-- root/root /usr/include/exim4/local_scan.h -rw-r--r-- root/root /usr/include/exim4/mytypes.h -rw-r--r-- root/root /usr/include/exim4/store.h -rw-r--r-- root/root /usr/lib/debug/.build-id/1f/9c1ede6c32409686b1de89bb598ff598b0ee4f.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/23/c3c5b57e50336cc82bb3a27f46b9b354ccb3e6.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/50/c2969f4b54bc47c33c513e27a89cd4a09d728d.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/51/279c0f518a9e2a849c64a89ff8eaadcabe26fa.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/9c/50ed18cc20fbffb26032ecebab97af806afdd3.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/a3/1149847f6ae982b262e6aec59d3afa2e9ae841.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/ef/6c35ac2c5dc055ab4c3a7d10302123129f10b8.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/f2/12c147800e2c7a02151217960981dcaa2d4f6c.debug -rw-r--r-- 
root/root /usr/share/doc/exim4-dev/NEWS.Debian.gz -rw-r--r-- root/root /usr/share/doc/exim4-dev/changelog.Debian.gz -rw-r--r-- root/root /usr/share/doc/exim4-dev/copyright -rw-r--r-- root/root /usr/share/man/man1/exim4-localscan-plugin-config.1.gz -rwxr-xr-x root/root /usr/bin/exim4-localscan-plugin-config lrwxrwxrwx root/root /usr/share/doc/exim4-dev/README.Debian.gz -> ../exim4-base/README.Debian.gz lrwxrwxrwx root/root /usr/share/doc/exim4-dev/changelog.gz -> ../exim4-base/changelog.gz Control files of package exim4: lines which differ (wdiff format) ----------------------------------------------------------------- Depends: debconf (>= 1.4.69) | cdebconf (>= 0.39), exim4-base (<< [-4.92-2.1),-] {+4.92-5.1),+} exim4-base (>= [-4.92-2),-] {+4.92-5),+} exim4-daemon-light | exim4-daemon-heavy | exim4-daemon-custom, debconf (>= 0.5) | debconf-2.0 Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-base: lines which differ (wdiff format) ---------------------------------------------------------------------- Installed-Size: [-1621-] {+1623+} Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-base-dbgsym: lines which differ (wdiff format) ----------------------------------------------------------------------------- Build-Ids: [-1f9c1ede6c32409686b1de89bb598ff598b0ee4f 23c3c5b57e50336cc82bb3a27f46b9b354ccb3e6 9c50ed18cc20fbffb26032ecebab97af806afdd3 ef6c35ac2c5dc055ab4c3a7d10302123129f10b8 f212c147800e2c7a02151217960981dcaa2d4f6c-] {+4559933d7d0e4800a65884d62d6506ce390b4f07 5955fdc7b64bc2f31b1e0b63c762a57924c2516e 9b6cfa23511aa8ae2305e45f556cd5238b07f495 bb23e5a1a9f351c2a608d482dfc1e00d9998c629 bc986da4b151ecfa52558aa9c20d03614d31dd25+} Depends: exim4-base (= [-4.92-2)-] {+4.92-5)+} Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-config: lines which differ (wdiff format) ------------------------------------------------------------------------ Installed-Size: [-983-] {+985+} Version: [-4.92-2-] {+4.92-5+} Control files of package 
exim4-daemon-heavy: lines which differ (wdiff format) ------------------------------------------------------------------------------ Conflicts: [-mail-transport-agent-] {+mail-transport-agent, sa-exim+} Installed-Size: [-1477-] {+1537+} Provides: [-exim4-localscanapi-2.0,-] mail-transport-agent Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-daemon-heavy-dbgsym: lines which differ (wdiff format) ------------------------------------------------------------------------------------- Build-Ids: [-50c2969f4b54bc47c33c513e27a89cd4a09d728d-] {+bd894614600fc329441d05ceb08017719b489417+} Depends: exim4-daemon-heavy (= [-4.92-2)-] {+4.92-5)+} Installed-Size: [-2646-] {+2631+} Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-daemon-light: lines which differ (wdiff format) ------------------------------------------------------------------------------ Conflicts: [-mail-transport-agent-] {+mail-transport-agent, sa-exim+} Installed-Size: [-1332-] {+1324+} Provides: default-mta, [-exim4-localscanapi-2.0,-] mail-transport-agent Version: [-4.92-2-] {+4.92-5+} Control files of package exim4-daemon-light-dbgsym: lines which differ (wdiff format) ------------------------------------------------------------------------------------- Build-Ids: [-51279c0f518a9e2a849c64a89ff8eaadcabe26fa-] {+caa4ade19a8e042ebf7f9f22782142cbd56bcd2b+} Depends: exim4-daemon-light (= [-4.92-2)-] {+4.92-5)+} Installed-Size: [-2260-] {+2247+} Version: [-4.92-2-] {+4.92-5+} Control files of package eximon4: lines which differ (wdiff format) ------------------------------------------------------------------- Installed-Size: [-212-] {+216+} Version: [-4.92-2-] {+4.92-5+} Control files of package eximon4-dbgsym: lines which differ (wdiff format) -------------------------------------------------------------------------- Build-Ids: [-a31149847f6ae982b262e6aec59d3afa2e9ae841-] {+5ef1dbf7d44b659418b55dd4a173cda74ecad278+} Depends: eximon4 (= [-4.92-2)-] {+4.92-5)+} Version: [-4.92-2-] 
{+4.92-5+} diff -Nru exim4-4.92/debian/changelog exim4-4.92/debian/changelog --- exim4-4.92/debian/changelog 2019-02-20 19:23:11.000000000 +0100 +++ exim4-4.92/debian/changelog 2019-04-07 13:39:31.000000000 +0200 @@ -1,3 +1,33 @@ +exim4 (4.92-5) unstable; urgency=medium + + * Improved spam-scanning example with accompaning information in + README.Debian. Explicitly warn about adding the default SpamAssassin + report in a header, which Closes: #774553 + * Drop 90_localscan_dlopen.dpatch. (It has been non-functional for a couple + of months.) Closes: #925982 Add a Conflicts for sa-exim, which relied on + the (working) version of the patch. Drop exim4-dev package. Add a NEWS + entry for this change. + + -- Andreas Metzler <ametz...@debian.org> Sun, 07 Apr 2019 13:39:31 +0200 + +exim4 (4.92-4) unstable; urgency=medium + + * Another patch from exim-4.92+fixes branch: + 75_10-Harden-plaintext-authenticator.patch + + -- Andreas Metzler <ametz...@debian.org> Fri, 22 Mar 2019 07:15:20 +0100 + +exim4 (4.92-3) unstable; urgency=medium + + * Pull fixes from exim-4.92+fixes branch. + + 75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch + + 75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch + + 75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch + + 75_08-Logging-fix-initial-listening-on-log-line.patch + + 75_09-OpenSSL-Fix-aggregation-of-messages.patch + + -- Andreas Metzler <ametz...@debian.org> Wed, 20 Mar 2019 17:01:29 +0100 + exim4 (4.92-2) unstable; urgency=medium * Upload to unstable. diff -Nru exim4-4.92/debian/control exim4-4.92/debian/control --- exim4-4.92/debian/control 2019-02-17 13:13:18.000000000 +0100 +++ exim4-4.92/debian/control 2019-04-07 13:39:31.000000000 +0200 
@@ -138,10 +138,9 @@ Architecture: any Priority: optional Provides: - exim4-localscanapi-2.0, mail-transport-agent, ${dist:Provides:exim4-daemon-light} -Conflicts: mail-transport-agent +Conflicts: mail-transport-agent, sa-exim Replaces: exim4-base (<= 4.61-1), mail-transport-agent Depends: exim4-base (>= ${Upstream-Version}), @@ -202,8 +201,8 @@ Package: exim4-daemon-heavy Architecture: any Priority: optional -Provides: exim4-localscanapi-2.0, mail-transport-agent -Conflicts: mail-transport-agent +Provides: mail-transport-agent +Conflicts: mail-transport-agent, sa-exim Replaces: exim4-base (<= 4.61-1), mail-transport-agent Depends: exim4-base (>= ${Upstream-Version}), @@ -238,8 +237,8 @@ #Package: exim4-daemon-custom #Architecture: any #Priority: optional -#Provides: exim4-localscanapi-2.0, mail-transport-agent -#Conflicts: mail-transport-agent +#Provides: mail-transport-agent +#Conflicts: mail-transport-agent, sa-exim #Replaces: exim4-base (<= 4.61-1), mail-transport-agent #Depends: # exim4-base (>= ${Upstream-Version}), 
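Review bot: The `sa-exim` entry added to `Conflicts:` in the exim4-daemon-light, exim4-daemon-heavy and commented-out exim4-daemon-custom stanzas is unversioned and is appended to the existing virtual-package conflict with `mail-transport-agent`. Nothing in these hunks shows a file overlap with sa-exim; the incompatibility comes from dropping the `exim4-localscanapi-2.0` Provides, so `Breaks: sa-exim` would express the relationship and is the field Debian Policy prefers over Conflicts where it suffices. If Conflicts is deliberate, a one-line reason in the changelog entry would help the next reader.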
@@ -279,28 +278,3 @@ administrators to view the mail queue and logs, and perform a variety of actions on queued messages, such as freezing, bouncing and thawing messages. - -Package: exim4-dev -Architecture: any -Priority: optional -Depends: ${misc:Depends} -Description: header files for the Exim MTA (v4) packages - Exim (v4) is a mail transport agent. This package contains header - files that can be used to compile code that is then dynamically linked - to exim's local_scan interface. - . - The Debian exim4 packages have their own web page, - http://wiki.debian.org/PkgExim4. There is also a Debian-specific - FAQ list. Information about the way the Debian packages are - configured can be found in - /usr/share/doc/exim4-base/README.Debian.gz, which additionally contains - information about the way the Debian binary packages are built. The - very extensive upstream documentation is shipped in - /usr/share/doc/exim4-base/spec.txt.gz. To repeat the debconf-driven - configuration process in a standard setup, invoke dpkg-reconfigure - exim4-config. There is a Debian-centered mailing list, - pkg-exim4-us...@lists.alioth.debian.org. Please ask Debian-specific - questions there, and only write to the upstream exim-users mailing - list if you are sure that your question is not Debian-specific. You - can find the subscription web page on - http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users diff -Nru exim4-4.92/debian/copyright exim4-4.92/debian/copyright --- exim4-4.92/debian/copyright 2018-12-15 16:02:45.000000000 +0100 +++ exim4-4.92/debian/copyright 2019-04-07 13:39:31.000000000 +0200 
@@ -38,10 +38,6 @@ The following people helped in preparing the exim4 packages and gave important feedback: -- Marc Merlin provides the dlopen patch, making it possible to load - local_scan-routines for a external shared object. - The original patch was written by David Woodhouse, it was modified first - by Derrick 'dman' Hudson and afterwards by Marc Merlin. - Sander Smeenk provided the TLS-docs and the script to generate the self-signed certificates. - The people on the exim4debian list that submitted bug-reports and -fixes, diff -Nru exim4-4.92/debian/debconf/conf.d/acl/40_exim4-config_check_data exim4-4.92/debian/debconf/conf.d/acl/40_exim4-config_check_data --- exim4-4.92/debian/debconf/conf.d/acl/40_exim4-config_check_data 2018-08-25 13:41:00.000000000 +0200 +++ exim4-4.92/debian/debconf/conf.d/acl/40_exim4-config_check_data 2019-04-07 13:39:31.000000000 +0200 
@@ -50,25 +50,36 @@ # Add headers to a message if it is judged to be spam. Before enabling this, - # you must install SpamAssassin. You also need to set the spamd_address + # you must install SpamAssassin. You may also need to set the spamd_address # option in the main configuration. # # exim4-daemon-heavy must be used for this section to work. # - # Please note that this is only suiteable as an example. There are - # multiple issues with this configuration method. For example, if you go - # this way, you'll give your spamassassin daemon write access to the - # entire exim spool which might be a security issue in case of a - # spamassassin exploit. + # Please note that this is only suiteable as an example. See + # /usr/share/doc/exim4-base/README.Debian.gz # # See the exim docs and the exim wiki for more suitable examples. # + # # Remove internal headers # warn - # spam = Debian-exim:true - # add_header = X-Spam_score: $spam_score\n\ - # X-Spam_score_int: $spam_score_int\n\ - # X-Spam_bar: $spam_bar\n\ - # X-Spam_report: $spam_report + # remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \ + # X-Spam_report + # + # warn + # condition = ${if <{$message_size}{120k}{1}{0}} + # # ":true" to add headers/acl variables even if not spam + # spam = nobody:true + # add_header = X-Spam_score: $spam_score + # add_header = X-Spam_bar: $spam_bar + # # Do not enable this unless you have shorted SpamAssassin's report + # #add_header = X-Spam_report: $spam_report + # + # Reject spam messages (score >15.0). + # This breaks mailing list and forward messages. 
+ # deny + # message = Classified as spam (score $spam_score) + # condition = ${if <{$message_size}{120k}{1}{0}} + # condition = ${if >{$spam_score_int}{150}{true}{false}} # This hook allows you to hook in your own ACLs without having to diff -Nru exim4-4.92/debian/exim4-dev.install exim4-4.92/debian/exim4-dev.install --- exim4-4.92/debian/exim4-dev.install 2018-12-15 16:02:45.000000000 +0100 +++ exim4-4.92/debian/exim4-dev.install 1970-01-01 01:00:00.000000000 +0100 @@ -1,4 +0,0 @@ -b-exim4-daemon-light/src/local_scan.h usr/include/exim4 -b-exim4-daemon-light/src/mytypes.h usr/include/exim4 -b-exim4-daemon-light/src/store.h usr/include/exim4 -debian/exim4-localscan-plugin-config usr/bin diff -Nru exim4-4.92/debian/exim4-dev.links exim4-4.92/debian/exim4-dev.links --- exim4-4.92/debian/exim4-dev.links 2018-12-15 16:02:45.000000000 +0100 +++ exim4-4.92/debian/exim4-dev.links 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -usr/share/doc/exim4-base/README.Debian.gz usr/share/doc/exim4-dev/README.Debian.gz -usr/share/doc/exim4-base/changelog.gz usr/share/doc/exim4-dev/changelog.gz diff -Nru exim4-4.92/debian/exim4-dev.manpages exim4-4.92/debian/exim4-dev.manpages --- exim4-4.92/debian/exim4-dev.manpages 2018-01-28 15:23:43.000000000 +0100 +++ exim4-4.92/debian/exim4-dev.manpages 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -debian/exim4-localscan-plugin-config.1 diff -Nru exim4-4.92/debian/exim4-localscan-plugin-config exim4-4.92/debian/exim4-localscan-plugin-config --- exim4-4.92/debian/exim4-localscan-plugin-config 2018-01-28 15:23:43.000000000 +0100 +++ exim4-4.92/debian/exim4-localscan-plugin-config 1970-01-01 01:00:00.000000000 +0100 
@@ -1,12 +0,0 @@ -#!/bin/sh - -case "$1" in - --localscan-apiversion) - sed -rn 's/#define LOCAL_SCAN_ABI_VERSION_(MAJOR|MINOR) *([0-9]+).*/\2/p' \ - /usr/include/exim4/local_scan.h \ - | (read MAJOR; read MINOR; echo ${MAJOR}.${MINOR}) - ;; - *) - echo Usage: $0 --localscan-apiversion - ;; -esac diff -Nru exim4-4.92/debian/exim4-localscan-plugin-config.1 exim4-4.92/debian/exim4-localscan-plugin-config.1 --- exim4-4.92/debian/exim4-localscan-plugin-config.1 2018-01-28 15:23:43.000000000 +0100 +++ exim4-4.92/debian/exim4-localscan-plugin-config.1 1970-01-01 01:00:00.000000000 +0100 
@@ -1,40 +0,0 @@ -.\" Title: EXIM4-LOCALSCAN-PLUGIN-CONFIG -.\" Author: -.\" Generator: DocBook XSL Stylesheets v1.72.0 <http://docbook.sf.net/> -.\" Date: 2007-06-08 -.\" Manual: -.\" Source: exim4 -.\" -.TH "EXIM4\-LOCALSCAN\-PLUGIN\-CONFIG" "1" "2007\-06\-08" "exim4" "" -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.SH "NAME" -exim4\-localscan\-plugin\-config \- get information necessary to build and package exim4 plugins -.SH "SYNOPSIS" -.HP 13 -\fBexim4\-localscan\-plugin\-config\fR \fB\-\-localscan\-abiversion\fR -.SH "DESCRIPTION" -.PP -\fBexim4\-localscan\-plugin\-config\fR -is a tool that is used to determine various things needed to build plugins (shared libraries) for the Exim MTA. Currently there is one such plugin API \- the -\fBlocal_scan\fR -API. In addition to local_scan plugins, this API is also available to shared libraries used with the ${dlfunc ...} expansion item. -.SH "OPTIONS" -.PP -Since -\fBexim4\-localscan\-plugin\-config\fR -is -Debian(TM)\-specific, it currently takes a single mandatory option parameter, -\fB\-\-localscan\-apiversion\fR, outputting the API/ABI version (\fIver\fR). Packages containing local_scan plugins should depend on exim4\-localscanapi\-\fIver\fR -.SH "SEE ALSO" -\fBexim4\fR(8), Chapter 42 of the Exim specification -.SH "COPYRIGHT" -Copyright \(co 2007 Magnus Holmgren -.br -.PP -This manual page was written by Magnus Holmgren for the -Debian(TM) -system (but may be used by others). Permission is granted to copy, distribute and/or modify this document without any restrictions whatsoever. -.br diff -Nru exim4-4.92/debian/exim4-localscan-plugin-config.1.xml exim4-4.92/debian/exim4-localscan-plugin-config.1.xml --- exim4-4.92/debian/exim4-localscan-plugin-config.1.xml 2018-01-28 15:23:43.000000000 +0100 +++ exim4-4.92/debian/exim4-localscan-plugin-config.1.xml 1970-01-01 01:00:00.000000000 +0100 
@@ -1,82 +0,0 @@ -<?xml version='1.0' encoding='ISO-8859-1'?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" -"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ - - <!ENTITY dhfirstname "<firstname>Magnus</firstname>"> - <!ENTITY dhsurname "<surname>Holmgren</surname>"> - <!-- Please adjust the date whenever revising the manpage. --> - <!ENTITY dhdate "<date>2007-06-08</date>"> - <!ENTITY dhsection "<manvolnum>1</manvolnum>"> - <!ENTITY dhemail "<email>mag...@kibibyte.se</email>"> - <!ENTITY dhusername "Magnus Holmgren"> - <!ENTITY dhucpackage "<refentrytitle>EXIM4-LOCALSCAN-PLUGIN-CONFIG</refentrytitle>"> - <!ENTITY dhpackage "exim4-localscan-plugin-config"> - - <!ENTITY debian "<productname>Debian</productname>"> -]> - -<refentry> - <refentryinfo> - <productname>exim4</productname> - <address> - &dhemail; - </address> - <copyright> - <year>2007</year> - <holder>&dhusername;</holder> - </copyright> - <legalnotice> - <para> - This manual page was written by &dhusername; for - the &debian; system (but may be used by others). Permission is - granted to copy, distribute and/or modify this document without - any restrictions whatsoever. - </para> - </legalnotice> - &dhdate; - </refentryinfo> - <refmeta> - &dhucpackage; - &dhsection; - </refmeta> - <refnamediv> - <refname>&dhpackage;</refname> - <refpurpose>get information necessary to build and package exim4 - plugins</refpurpose> - </refnamediv> - <refsynopsisdiv> - <cmdsynopsis> - <command>&dhpackage;</command> - <arg choice="plain"><option>--localscan-abiversion</option></arg> - </cmdsynopsis> - </refsynopsisdiv> - <refsect1> - <title>Description</title> - - <para><command>&dhpackage;</command> is a tool that is used to determine - various things needed to build plugins (shared libraries) for the - Exim MTA. Currently there is one such plugin API - the - <function>local_scan</function> API. 
In addition to local_scan plugins, - this API is also available to shared libraries used with the - ${dlfunc ...} expansion item.</para> - </refsect1> - <refsect1> - <title>Options</title> - <para>Since <command>&dhpackage;</command> is &debian;-specific, - it currently takes a single mandatory option parameter, - <option>--localscan-apiversion</option>, outputting the API/ABI - version (<replaceable role="variable">ver</replaceable>). - Packages containing local_scan plugins should depend on - exim4-localscanapi-<replaceable role="variable">ver</replaceable></para> - </refsect1> - <refsect1> - <title>See also</title> - <simplelist type="inline"> - <member><citerefentry> - <refentrytitle>exim4</refentrytitle> - <manvolnum>8</manvolnum> - </citerefentry></member> - <member>Chapter 42 of the Exim specification</member> - </simplelist> - </refsect1> -</refentry> diff -Nru exim4-4.92/debian/NEWS exim4-4.92/debian/NEWS --- exim4-4.92/debian/NEWS 2018-02-15 17:33:44.000000000 +0100 +++ exim4-4.92/debian/NEWS 2019-04-07 13:39:31.000000000 +0200 
@@ -1,3 +1,12 @@ +exim4 (4.92-5) unstable; urgency=medium + + The patch for dlopening local_scan has been dropped. sa-exim which has been + dead upstream for more than 10 years is not supported anymore. Exim's + spam=... condition can be used as replacement. The exim4-dev package served + no purpose anymore and was therefore dropped, too. + + -- Andreas Metzler <ametz...@debian.org> Sun, 07 Apr 2019 13:39:31 +0200 + exim4 (4.87-3) unstable; urgency=medium Starting with 4.87~RC1-1 exim will not accept or send out messages with diff -Nru exim4-4.92/debian/patches/75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch exim4-4.92/debian/patches/75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch --- exim4-4.92/debian/patches/75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch 2019-03-20 16:49:39.000000000 +0100 
@@ -0,0 +1,91 @@ +From f634b80846cc7ffcab65c9855bcb35312f0232e8 Mon Sep 17 00:00:00 2001 +From: Jasen Betts <ja...@xnet.co.nz> +Date: Mon, 18 Feb 2019 13:52:16 +0000 +Subject: [PATCH 1/5] Fix expansions for RFC 822 addresses having comments in + local-part and/or domain. Bug 2375 + +(cherry picked from commit e2ff8e24f41caca3623228b1ec66a3f3961ecad6) +--- + doc/ChangeLog | 3 +++ + src/expand.c | 19 +++++++------------ + test/scripts/0000-Basic/0002 | 7 +++++++ + test/stdout/0002 | 7 +++++++ + 4 files changed, 24 insertions(+), 12 deletions(-) + +diff --git a/doc/ChangeLog b/doc/ChangeLog +index 867a1d8a..9659da32 100644 +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -16,10 +16,13 @@ JH/07 GnuTLS: Our use of late (post-handshake) certificate verification, under + to the client until the first read of encrypted data (typically the + response to EHLO). Add detection for that case and treat it as a failed + TLS connection attempt, so that the normal retry-in-clear can work (if + suitably configured). + ++JB/01 BZg 2375: fix expansions of 822 addresses having comments in local-part ++ and/or domain. Found and fixed by Jason Betts. ++ + + Exim version 4.92 + ----------------- + + JH/01 Remove code calling the customisable local_scan function, unless a new +diff --git a/src/expand.c b/src/expand.c +index 2c290251..35ede718 100644 +--- a/src/expand.c ++++ b/src/expand.c +@@ -7071,20 +7071,15 @@ while (*s != 0) + uschar * error; + int start, end, domain; + uschar * t = parse_extract_address(sub, &error, &start, &end, &domain, + FALSE); + if (t) +- if (c != EOP_DOMAIN) +- { +- if (c == EOP_LOCAL_PART && domain != 0) end = start + domain - 1; +- yield = string_catn(yield, sub+start, end-start); +- } +- else if (domain != 0) +- { +- domain += start; +- yield = string_catn(yield, sub+domain, end-domain); +- } ++ yield = c == EOP_DOMAIN ++ ? string_cat(yield, t + domain) ++ : c == EOP_LOCAL_PART && domain > 0 ++ ? 
string_catn(yield, t, domain - 1 ) ++ : string_cat(yield, t); + continue; + } + + case EOP_ADDRESSES: + { +@@ -7104,11 +7099,11 @@ while (*s != 0) + } + f.parse_allow_group = TRUE; + + for (;;) + { +- uschar *p = parse_find_address_end(sub, FALSE); ++ uschar * p = parse_find_address_end(sub, FALSE); + uschar saveend = *p; + *p = '\0'; + address = parse_extract_address(sub, &error, &start, &end, &domain, + FALSE); + *p = saveend; +@@ -7117,11 +7112,11 @@ while (*s != 0) + done in chunks by searching for the separator character. At the + start, unless we are dealing with the first address of the output + list, add in a space if the new address begins with the separator + character, or is an empty string. */ + +- if (address != NULL) ++ if (address) + { + if (yield->ptr != save_ptr && address[0] == *outsep) + yield = string_catn(yield, US" ", 1); + + for (;;) +-- +2.20.1 + diff -Nru exim4-4.92/debian/patches/75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch exim4-4.92/debian/patches/75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch --- exim4-4.92/debian/patches/75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch 2019-03-20 16:58:06.000000000 +0100 
@@ -0,0 +1,48 @@ +From 8dde16b89efe2138f92cbfa6c59fb31dc80ec22a Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146...@wizmail.org> +Date: Tue, 19 Feb 2019 14:45:27 +0000 +Subject: [PATCH 2/5] Docs: Add note on lsearch for IPv4-mapped IPv6 addresses + +Cherry-picked from: 52af443324, c77d3d85fe +--- + doc/doc-docbook/spec.xfpt | 11 ++++++++++- + doc/ChangeLog | 2 +- + 2 files changed, 11 insertions(+), 2 deletions(-) + +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -18,7 +18,7 @@ JH/07 GnuTLS: Our use of late (post-hand + TLS connection attempt, so that the normal retry-in-clear can work (if + suitably configured). + +-JB/01 BZg 2375: fix expansions of 822 addresses having comments in local-part ++JB/01 Bug 2375: fix expansions of 822 addresses having comments in local-part + and/or domain. Found and fixed by Jason Betts. + + +--- a/doc/spec.txt ++++ b/doc/spec.txt +@@ -6302,6 +6302,10 @@ The following single-key lookup types ar + implicit key is the host's IP address rather than its name (see section + 10.12). + ++ Warning 3: Do not use an IPv4-mapped IPv6 address for a key; use the ++ IPv4, in dotted-quad form. (Exim converts IPv4-mapped IPv6 addresses to ++ this notation before executing the lookup.) ++ + * lsearch: The given file is a text file that is searched linearly for a line + beginning with the search key, terminated by a colon or white space or the + end of the line. The search is case-insensitive; that is, upper and lower +@@ -8003,7 +8007,11 @@ quote keys was made available in lsearch + implemented iplsearch files do require colons in IPv6 keys (notated using the + quoting facility) so as to distinguish them from IPv4 keys. For this reason, + when the lookup type is iplsearch, IPv6 addresses are converted using colons +-and not dots. In all cases, full, unabbreviated IPv6 addresses are always used. ++and not dots. ++ ++In all cases except IPv4-mapped IPv6, full, unabbreviated IPv6 addresses ++are always used. 
The latter are converted to IPv4 addresses, in dotted-quad ++form. + + Ideally, it would be nice to tidy up this anomalous situation by changing to + colons in all cases, given that quoting is now available for lsearch. However, diff -Nru exim4-4.92/debian/patches/75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch exim4-4.92/debian/patches/75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch --- exim4-4.92/debian/patches/75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch 2019-03-20 16:49:39.000000000 +0100 
@@ -0,0 +1,69 @@ +From 09720dd9506176294154dad7152f5f40554046a4 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146...@wizmail.org> +Date: Thu, 14 Mar 2019 12:26:34 +0000 +Subject: [PATCH 3/5] Fix crash from SRV lookup hitting a CNAME + +(cherry picked from commit 14bc9cf085aff7bd5147881e5b7068769a29b026) +--- + doc/ChangeLog | 4 ++++ + src/dns.c | 10 +++++++--- + 2 files changed, 11 insertions(+), 3 deletions(-) + +diff --git a/doc/ChangeLog b/doc/ChangeLog +index 419c1061..0f8d05b2 100644 +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -19,10 +19,14 @@ JH/07 GnuTLS: Our use of late (post-handshake) certificate verification, under + suitably configured). + + JB/01 Bug 2375: fix expansions of 822 addresses having comments in local-part + and/or domain. Found and fixed by Jason Betts. + ++JH/08 Add hardening against SRV & TLSA lookups the hit CNAMEs (a nonvalid ++ configuration). If a CNAME target was not a wellformed name pattern, a ++ crash could result. ++ + + Exim version 4.92 + ----------------- + + JH/01 Remove code calling the customisable local_scan function, unless a new +diff --git a/src/dns.c b/src/dns.c +index 0f0b435d..b7978c52 100644 +--- a/src/dns.c ++++ b/src/dns.c +@@ -714,11 +714,15 @@ regex has substrings that are used - the default uses a conditional. + This test is omitted for PTR records. These occur only in calls from the dnsdb + lookup, which constructs the names itself, so they should be OK. Besides, + bitstring labels don't conform to normal name syntax. (But the aren't used any + more.) + +-For SRV records, we omit the initial _smtp._tcp. components at the start. */ ++For SRV records, we omit the initial _smtp._tcp. components at the start. ++The check has been seen to bite on the destination of a SRV lookup that ++initiall hit a CNAME, for which the next name had only two components. ++RFC2782 makes no mention of the possibiility of CNAMES, but the Wikipedia ++article on SRV says they are not a valid configuration. 
*/ + + #ifndef STAND_ALONE /* Omit this for stand-alone tests */ + + if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT) + { +@@ -730,12 +734,12 @@ if (check_dns_names_pattern[0] != 0 && type != T_PTR && type != T_TXT) + /* For an SRV lookup, skip over the first two components (the service and + protocol names, which both start with an underscore). */ + + if (type == T_SRV || type == T_TLSA) + { +- while (*checkname++ != '.'); +- while (*checkname++ != '.'); ++ while (*checkname && *checkname++ != '.') ; ++ while (*checkname && *checkname++ != '.') ; + } + + if (pcre_exec(regex_check_dns_names, NULL, CCS checkname, Ustrlen(checkname), + 0, PCRE_EOPT, ovector, nelem(ovector)) < 0) + { +-- +2.20.1 + diff -Nru exim4-4.92/debian/patches/75_08-Logging-fix-initial-listening-on-log-line.patch exim4-4.92/debian/patches/75_08-Logging-fix-initial-listening-on-log-line.patch --- exim4-4.92/debian/patches/75_08-Logging-fix-initial-listening-on-log-line.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_08-Logging-fix-initial-listening-on-log-line.patch 2019-03-20 16:49:39.000000000 +0100 
@@ -0,0 +1,206 @@ +From e5be948a65fe601024e5d4256f64efbfed3dd72e Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146...@wizmail.org> +Date: Mon, 18 Mar 2019 00:31:43 +0000 +Subject: [PATCH 4/5] Logging: fix initial listening-on log line + +(cherry picked from commit 254f38d1c5ada5e4df0bccb385dc466549620c71) +--- + doc/ChangeLog | 4 +++ + src/daemon.c | 73 +++++++++++++++++++++++++++---------------- + src/host.c | 1 + + src/structs.h | 1 + + test/confs/0282 | 2 +- + test/log/0282 | 2 +- + 6 files changed, 54 insertions(+), 29 deletions(-) + +diff --git a/doc/ChangeLog b/doc/ChangeLog +index 0f8d05b2..3c0ffbf0 100644 +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -23,10 +23,14 @@ JB/01 Bug 2375: fix expansions of 822 addresses having comments in local-part + + JH/08 Add hardening against SRV & TLSA lookups the hit CNAMEs (a nonvalid + configuration). If a CNAME target was not a wellformed name pattern, a + crash could result. + ++JH/09 Logging: Fix initial listening-on line for multiple ports for an IP when ++ the OS reports them interleaved with other addresses. ++ ++ + + Exim version 4.92 + ----------------- + + JH/01 Remove code calling the customisable local_scan function, unless a new +diff --git a/src/daemon.c b/src/daemon.c +index a852192e..01da3936 100644 +--- a/src/daemon.c ++++ b/src/daemon.c +@@ -1625,12 +1625,12 @@ if (f.inetd_wait_mode) + else if (f.daemon_listen) + { + int i, j; + int smtp_ports = 0; + int smtps_ports = 0; +- ip_address_item * ipa, * i2; +- uschar * p = big_buffer; ++ ip_address_item * ipa; ++ uschar * p; + uschar * qinfo = queue_interval > 0 + ? string_sprintf("-q%s", readconf_printtime(queue_interval)) + : US"no queue runs"; + + /* Build a list of listening addresses in big_buffer, but limit it to 10 +@@ -1638,73 +1638,92 @@ else if (f.daemon_listen) + + It is now possible to have some ports listening for SMTPS (the old, + deprecated protocol that starts TLS without using STARTTLS), and others + listening for standard SMTP. 
Keep their listings separate. */ + +- for (j = 0; j < 2; j++) ++ for (int j = 0, i; j < 2; j++) + { + for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next) + { + /* First time round, look for SMTP ports; second time round, look for +- SMTPS ports. For the first one of each, insert leading text. */ ++ SMTPS ports. Build IP+port strings. */ + + if (host_is_tls_on_connect_port(ipa->port) == (j > 0)) + { + if (j == 0) +- { +- if (smtp_ports++ == 0) +- { +- memcpy(p, "SMTP on", 8); +- p += 7; +- } +- } ++ smtp_ports++; + else +- if (smtps_ports++ == 0) +- p += sprintf(CS p, "%sSMTPS on", +- smtp_ports == 0 ? "" : " and for "); ++ smtps_ports++; + + /* Now the information about the port (and sometimes interface) */ + + if (ipa->address[0] == ':' && ipa->address[1] == 0) + { /* v6 wildcard */ + if (ipa->next && ipa->next->address[0] == 0 && + ipa->next->port == ipa->port) + { +- p += sprintf(CS p, " port %d (IPv6 and IPv4)", ipa->port); +- ipa = ipa->next; ++ ipa->log = string_sprintf(" port %d (IPv6 and IPv4)", ipa->port); ++ (ipa = ipa->next)->log = NULL; + } + else if (ipa->v6_include_v4) +- p += sprintf(CS p, " port %d (IPv6 with IPv4)", ipa->port); ++ ipa->log = string_sprintf(" port %d (IPv6 with IPv4)", ipa->port); + else +- p += sprintf(CS p, " port %d (IPv6)", ipa->port); ++ ipa->log = string_sprintf(" port %d (IPv6)", ipa->port); + } + else if (ipa->address[0] == 0) /* v4 wildcard */ +- p += sprintf(CS p, " port %d (IPv4)", ipa->port); ++ ipa->log = string_sprintf(" port %d (IPv4)", ipa->port); + else /* check for previously-seen IP */ + { ++ ip_address_item * i2; + for (i2 = addresses; i2 != ipa; i2 = i2->next) + if ( host_is_tls_on_connect_port(i2->port) == (j > 0) + && Ustrcmp(ipa->address, i2->address) == 0 + ) + { /* found; append port to list */ +- if (p[-1] == '}') p--; +- while (isdigit(*--p)) ; +- p += 1 + sprintf(CS p+1, "%s%d,%d}", *p == ',' ? 
"" : "{", +- i2->port, ipa->port); ++ for (p = i2->log; *p; ) p++; /* end of existing string */ ++ if (*--p == '}') *p = '\0'; /* drop EOL */ ++ while (isdigit(*--p)) ; /* char before port */ ++ ++ i2->log = *p == ':' /* no list yet? */ ++ ? string_sprintf("%.*s{%s,%d}", ++ (int)(p - i2->log + 1), i2->log, p+1, ipa->port) ++ : string_sprintf("%s,%d}", i2->log, ipa->port); ++ ipa->log = NULL; + break; + } + if (i2 == ipa) /* first-time IP */ +- p += sprintf(CS p, " [%s]:%d", ipa->address, ipa->port); ++ ipa->log = string_sprintf(" [%s]:%d", ipa->address, ipa->port); + } + } + } ++ } + +- if (ipa) ++ p = big_buffer; ++ for (int j = 0, i; j < 2; j++) ++ { ++ /* First time round, look for SMTP ports; second time round, look for ++ SMTPS ports. For the first one of each, insert leading text. */ ++ ++ if (j == 0) + { +- memcpy(p, " ...", 5); +- p += 4; ++ if (smtp_ports > 0) ++ p += sprintf(CS p, "SMTP on"); + } ++ else ++ if (smtps_ports > 0) ++ p += sprintf(CS p, "%sSMTPS on", ++ smtp_ports == 0 ? 
"" : " and for "); ++ ++ /* Now the information about the port (and sometimes interface) */ ++ ++ for (i = 0, ipa = addresses; i < 10 && ipa; i++, ipa = ipa->next) ++ if (host_is_tls_on_connect_port(ipa->port) == (j > 0)) ++ if (ipa->log) ++ p += sprintf(CS p, "%s", ipa->log); ++ ++ if (ipa) ++ p += sprintf(CS p, " ..."); + } + + log_write(0, LOG_MAIN, + "exim %s daemon started: pid=%d, %s, listening for %s", + version_string, getpid(), qinfo, big_buffer); +diff --git a/src/host.c b/src/host.c +index 29c977fe..a3b0977b 100644 +--- a/src/host.c ++++ b/src/host.c +@@ -757,10 +757,11 @@ while ((s = string_nextinlist(&list, &sep, NULL, 0))) + next = store_get(sizeof(ip_address_item)); + next->next = NULL; + Ustrcpy(next->address, s); + next->port = port; + next->v6_include_v4 = FALSE; ++ next->log = NULL; + + if (!yield) + yield = last = next; + else + { +diff --git a/src/structs.h b/src/structs.h +index 20db0e5f..1e63d752 100644 +--- a/src/structs.h ++++ b/src/structs.h +@@ -442,10 +442,11 @@ hold an IPv6 address. */ + typedef struct ip_address_item { + struct ip_address_item *next; + int port; + BOOL v6_include_v4; /* Used in the daemon */ + uschar address[46]; ++ uschar * log; /* portion of "listening on" log line */ + } ip_address_item; + + /* Structure for chaining together arbitrary strings. */ + + typedef struct string_item { +-- +2.20.1 + diff -Nru exim4-4.92/debian/patches/75_09-OpenSSL-Fix-aggregation-of-messages.patch exim4-4.92/debian/patches/75_09-OpenSSL-Fix-aggregation-of-messages.patch --- exim4-4.92/debian/patches/75_09-OpenSSL-Fix-aggregation-of-messages.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_09-OpenSSL-Fix-aggregation-of-messages.patch 2019-03-20 16:49:39.000000000 +0100 
@@ -0,0 +1,127 @@ +From 332ebeaf8139b2b75f475880fc14b63c7c45c706 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146...@wizmail.org> +Date: Tue, 19 Mar 2019 15:33:31 +0000 +Subject: [PATCH 5/5] OpenSSL: Fix aggregation of messages. + +Broken-by: a5ffa9b475 +(cherry picked from commit c09dbcfb71f4b9a42cbfd8a20e0be6bfa1b12488) +--- + doc/ChangeLog | 5 +++ + src/tls-openssl.c | 24 ++++++++++---- + test/confs/2152 | 76 +++++++++++++++++++++++++++++++++++++++++++ + test/log/2152 | 9 +++++ + 4 files changed, 108 insertions(+), 6 deletions(-) + create mode 100644 test/confs/2152 + create mode 100644 test/log/2152 + +diff --git a/doc/ChangeLog b/doc/ChangeLog +index 3c0ffbf0..3d63725f 100644 +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -26,10 +26,15 @@ JH/08 Add hardening against SRV & TLSA lookups the hit CNAMEs (a nonvalid + crash could result. + + JH/09 Logging: Fix initial listening-on line for multiple ports for an IP when + the OS reports them interleaved with other addresses. + ++JH/10 OpenSSL: Fix aggregation of messages. Previously, when PIPELINING was ++ used both for input and for a verify callout, both encrypted, SMTP ++ responses being sent by the server could be lost. This resulted in ++ dropped connections and sometimes bounces generated by a peer sending ++ to this system. 
+ + + Exim version 4.92 + ----------------- + +diff --git a/src/tls-openssl.c b/src/tls-openssl.c +index 8f4cf4d8..cc0ead02 100644 +--- a/src/tls-openssl.c ++++ b/src/tls-openssl.c +@@ -272,10 +272,11 @@ Server: + */ + + typedef struct { + SSL_CTX * ctx; + SSL * ssl; ++ gstring * corked; + } exim_openssl_client_tls_ctx; + + static SSL_CTX *server_ctx = NULL; + static SSL *server_ssl = NULL; + +@@ -2471,10 +2472,11 @@ BOOL require_ocsp = FALSE; + #endif + + rc = store_pool; + store_pool = POOL_PERM; + exim_client_ctx = store_get(sizeof(exim_openssl_client_tls_ctx)); ++exim_client_ctx->corked = NULL; + store_pool = rc; + + #ifdef SUPPORT_DANE + tlsp->tlsa_usage = 0; + #endif +@@ -2906,22 +2908,29 @@ Used by both server-side and client-side TLS. + + int + tls_write(void * ct_ctx, const uschar *buff, size_t len, BOOL more) + { + int outbytes, error, left; +-SSL * ssl = ct_ctx ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl; +-static gstring * corked = NULL; ++SSL * ssl = ct_ctx ++ ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl; ++static gstring * server_corked = NULL; ++gstring ** corkedp = ct_ctx ++ ? &((exim_openssl_client_tls_ctx *)ct_ctx)->corked : &server_corked; ++gstring * corked = *corkedp; + + DEBUG(D_tls) debug_printf("%s(%p, %lu%s)\n", __FUNCTION__, + buff, (unsigned long)len, more ? ", more" : ""); + + /* Lacking a CORK or MSG_MORE facility (such as GnuTLS has) we copy data when + "more" is notified. This hack is only ok if small amounts are involved AND only + one stream does it, in one context (i.e. no store reset). Currently it is used +-for the responses to the received SMTP MAIL , RCPT, DATA sequence, only. */ +-/*XXX + if PIPE_COMMAND, banner & ehlo-resp for smmtp-on-connect. Suspect there's +-a store reset there. */ ++for the responses to the received SMTP MAIL , RCPT, DATA sequence, only. ++We support callouts done by the server process by using a separate client ++context for the stashed information. 
*/ ++/* + if PIPE_COMMAND, banner & ehlo-resp for smmtp-on-connect. Suspect there's ++a store reset there, so use POOL_PERM. */ ++/* + if CHUNKING, cmds EHLO,MAIL,RCPT(s),BDAT */ + + if (!ct_ctx && (more || corked)) + { + #ifdef EXPERIMENTAL_PIPE_CONNECT + int save_pool = store_pool; +@@ -2933,14 +2942,17 @@ if (!ct_ctx && (more || corked)) + #ifdef EXPERIMENTAL_PIPE_CONNECT + store_pool = save_pool; + #endif + + if (more) ++ { ++ *corkedp = corked; + return len; ++ } + buff = CUS corked->s; + len = corked->ptr; +- corked = NULL; ++ *corkedp = NULL; + } + + for (left = len; left > 0;) + { + DEBUG(D_tls) debug_printf("SSL_write(%p, %p, %d)\n", ssl, buff, left); +diff --git a/test/confs/2152 b/test/confs/2152 +new file mode 100644 +index 00000000..f783192b +diff --git a/test/log/2152 b/test/log/2152 +new file mode 100644 +index 00000000..720200be +-- +2.20.1 + diff -Nru exim4-4.92/debian/patches/75_10-Harden-plaintext-authenticator.patch exim4-4.92/debian/patches/75_10-Harden-plaintext-authenticator.patch --- exim4-4.92/debian/patches/75_10-Harden-plaintext-authenticator.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.92/debian/patches/75_10-Harden-plaintext-authenticator.patch 2019-03-22 07:14:00.000000000 +0100 
@@ -0,0 +1,55 @@ +From e5b942ae007d0533fbd599c64d550f3a8355b940 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146...@wizmail.org> +Date: Thu, 21 Mar 2019 20:01:03 +0000 +Subject: [PATCH] Harden plaintext authenticator + +Cherry-picked from: f9fc942757 +--- + doc/ChangeLog | 5 +++++ + src/auths/plaintext.c | 6 +----- + 2 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/doc/ChangeLog b/doc/ChangeLog +index 3d63725f..c34e60d1 100644 +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -32,10 +32,15 @@ JH/10 OpenSSL: Fix aggregation of messages. Previously, when PIPELINING was + used both for input and for a verify callout, both encrypted, SMTP + responses being sent by the server could be lost. This resulted in + dropped connections and sometimes bounces generated by a peer sending + to this system. + ++JH/11 Harden plaintext authenticator against a badly misconfigured client-send ++ string. Previously it was possible to cause undefined behaviour in a ++ library routine (usually a crash). Found by "zerons". ++ ++ + + Exim version 4.92 + ----------------- + + JH/01 Remove code calling the customisable local_scan function, unless a new +diff --git a/src/auths/plaintext.c b/src/auths/plaintext.c +index 7a0f7885..fa05b0ad 100644 +--- a/src/auths/plaintext.c ++++ b/src/auths/plaintext.c +@@ -221,15 +221,11 @@ while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size))) + for (i = 0; i < len; i++) + if (ss[i] == '^') + if (ss[i+1] != '^') + ss[i] = 0; + else +- { +- i++; +- len--; +- memmove(ss + i, ss + i + 1, len - i); +- } ++ if (--len > ++i) memmove(ss + i, ss + i + 1, len - i); + + /* The first string is attached to the AUTH command; others are sent + unembellished. 
*/ + + if (first) +-- +2.20.1 + diff -Nru exim4-4.92/debian/patches/90_localscan_dlopen.dpatch exim4-4.92/debian/patches/90_localscan_dlopen.dpatch --- exim4-4.92/debian/patches/90_localscan_dlopen.dpatch 2018-12-31 12:56:11.000000000 +0100 +++ exim4-4.92/debian/patches/90_localscan_dlopen.dpatch 1970-01-01 01:00:00.000000000 +0100 
@@ -1,281 +0,0 @@ -Description: Allow one to use and switch between different local_scan functions - without recompiling exim. - http://marc.merlins.org/linux/exim/files/sa-exim-current/ Original patch from - David Woodhouse, modified first by Derrick 'dman' Hudson and then by Marc - MERLIN for SA-Exim and minor/major API version tracking -Author: David Woodhouse, Derrick 'dman' Hudson, Marc MERLIN -Origin: other, http://marc.merlins.org/linux/exim/files/sa-exim-current/ -Forwarded: no -Last-Update: 2018-12-12 - ---- a/src/EDITME -+++ b/src/EDITME -@@ -824,6 +824,21 @@ HEADERS_CHARSET="ISO-8859-1" - - - #------------------------------------------------------------------------------ -+# On systems which support dynamic loading of shared libraries, Exim can -+# load a local_scan function specified in its config file instead of having -+# to be recompiled with the desired local_scan function. For a full -+# description of the API to this function, see the Exim specification. -+ -+DLOPEN_LOCAL_SCAN=yes -+ -+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the -+# linker flags. Without it, the loaded .so won't be able to access any -+# functions from exim. -+ -+LDFLAGS += -rdynamic -+CFLAGS += -fvisibility=hidden -+ -+#------------------------------------------------------------------------------ - # The default distribution of Exim contains only the plain text form of the - # documentation. Other forms are available separately. 
If you want to install - # the documentation in "info" format, first fetch the Texinfo documentation ---- a/src/config.h.defaults -+++ b/src/config.h.defaults -@@ -32,6 +32,8 @@ Do not put spaces between # and the 'def - - #define AUTH_VARS 3 - -+#define DLOPEN_LOCAL_SCAN -+ - #define BIN_DIRECTORY - - #define CONFIGURE_FILE ---- a/src/globals.c -+++ b/src/globals.c -@@ -141,6 +141,10 @@ int dsn_ret = 0; - const pcre *regex_DSN = NULL; - uschar *dsn_advertise_hosts = NULL; - -+#ifdef DLOPEN_LOCAL_SCAN -+uschar *local_scan_path = NULL; -+#endif -+ - #ifdef SUPPORT_TLS - BOOL gnutls_compat_mode = FALSE; - BOOL gnutls_allow_auto_pkcs11 = FALSE; ---- a/src/globals.h -+++ b/src/globals.h -@@ -138,6 +138,9 @@ extern int dsn_ret; / - extern const pcre *regex_DSN; /* For recognizing DSN settings */ - extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ - -+#ifdef DLOPEN_LOCAL_SCAN -+extern uschar *local_scan_path; /* Path to local_scan() library */ -+#endif - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. */ - ---- a/src/local_scan.c -+++ b/src/local_scan.c -@@ -5,61 +5,131 @@ - /* Copyright (c) University of Cambridge 1995 - 2009 */ - /* See the file NOTICE for conditions of use and distribution. */ - -+#include "exim.h" - --/****************************************************************************** --This file contains a template local_scan() function that just returns ACCEPT. --If you want to implement your own version, you should copy this file to, say --Local/local_scan.c, and edit the copy. To use your version instead of the --default, you must set -- --HAVE_LOCAL_SCAN=yes --LOCAL_SCAN_SOURCE=Local/local_scan.c -- --in your Local/Makefile. This makes it easy to copy your version for use with --subsequent Exim releases. -- --For a full description of the API to this function, see the Exim specification. 
--******************************************************************************/ -- -- --/* This is the only Exim header that you should include. The effect of --including any other Exim header is not defined, and may change from release to --release. Use only the documented interface! */ -- --#include "local_scan.h" -- -- --/* This is a "do-nothing" version of a local_scan() function. The arguments --are: -- -- fd The file descriptor of the open -D file, which contains the -- body of the message. The file is open for reading and -- writing, but modifying it is dangerous and not recommended. -- -- return_text A pointer to an unsigned char* variable which you can set in -- order to return a text string. It is initialized to NULL. -- --The return values of this function are: -- -- LOCAL_SCAN_ACCEPT -- The message is to be accepted. The return_text argument is -- saved in $local_scan_data. -- -- LOCAL_SCAN_REJECT -- The message is to be rejected. The returned text is used -- in the rejection message. -- -- LOCAL_SCAN_TEMPREJECT -- This specifies a temporary rejection. The returned text -- is used in the rejection message. 
--*/ -+#ifdef DLOPEN_LOCAL_SCAN -+#include <dlfcn.h> -+static int (*local_scan_fn)(int fd, uschar **return_text) = NULL; -+static int load_local_scan_library(void); -+#endif - - int - local_scan(int fd, uschar **return_text) - { - fd = fd; /* Keep picky compilers happy */ - return_text = return_text; --return LOCAL_SCAN_ACCEPT; -+#ifdef DLOPEN_LOCAL_SCAN -+/* local_scan_path is defined AND not the empty string */ -+if (local_scan_path && *local_scan_path) -+ { -+ if (!local_scan_fn) -+ { -+ if (!load_local_scan_library()) -+ { -+ char *base_msg , *error_msg , *final_msg ; -+ int final_length = -1 ; -+ -+ base_msg=US"Local configuration error - local_scan() library failure\n"; -+ error_msg = dlerror() ; -+ -+ final_length = strlen(base_msg) + strlen(error_msg) + 1 ; -+ final_msg = (char*)malloc( final_length*sizeof(char) ) ; -+ *final_msg = '\0' ; -+ -+ strcat( final_msg , base_msg ) ; -+ strcat( final_msg , error_msg ) ; -+ -+ *return_text = final_msg ; -+ return LOCAL_SCAN_TEMPREJECT; -+ } -+ } -+ return local_scan_fn(fd, return_text); -+ } -+else -+#endif -+ return LOCAL_SCAN_ACCEPT; -+} -+ -+#ifdef DLOPEN_LOCAL_SCAN -+ -+static int load_local_scan_library(void) -+{ -+/* No point in keeping local_scan_lib since we'll never dlclose() anyway */ -+void *local_scan_lib = NULL; -+int (*local_scan_version_fn)(void); -+int vers_maj; -+int vers_min; -+ -+local_scan_lib = dlopen(local_scan_path, RTLD_NOW); -+if (!local_scan_lib) -+ { -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - " -+ "message temporarily rejected"); -+ return FALSE; -+ } -+ -+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major"); -+if (!local_scan_version_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan_version_major() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+/* The major number is increased when the ABI is changed in a non -+ backward compatible way. 
*/ -+vers_maj = local_scan_version_fn(); -+ -+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor"); -+if (!local_scan_version_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan_version_minor() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+/* The minor number is increased each time a new feature is added (in a -+ way that doesn't break backward compatibility) -- Marc */ -+vers_min = local_scan_version_fn(); -+ -+ -+if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR) -+ { -+ dlclose(local_scan_lib); -+ local_scan_lib = NULL; -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major" -+ "version number, you need to recompile your module for this version" -+ "of exim (The module was compiled for version %d.%d and this exim provides" -+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, -+ LOCAL_SCAN_ABI_VERSION_MINOR); -+ return FALSE; -+ } -+else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR) -+ { -+ dlclose(local_scan_lib); -+ local_scan_lib = NULL; -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor" -+ "version number, you need to recompile your module for this version" -+ "of exim (The module was compiled for version %d.%d and this exim provides" -+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, -+ LOCAL_SCAN_ABI_VERSION_MINOR); -+ return FALSE; -+ } -+ -+local_scan_fn = dlsym(local_scan_lib, "local_scan"); -+if (!local_scan_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+return TRUE; - } - -+#endif /* DLOPEN_LOCAL_SCAN */ -+ - /* End of local_scan.c */ ---- a/src/local_scan.h -+++ b/src/local_scan.h -@@ -17,6 +17,7 @@ settings, and the store functions. 
*/ - - #include <stdarg.h> - #include <sys/types.h> -+#pragma GCC visibility push(default) - #include "config.h" - #include "mytypes.h" - #include "store.h" -@@ -192,4 +193,6 @@ extern uschar *string_copy(const uschar - extern uschar *string_copyn(const uschar *, int); - extern uschar *string_sprintf(const char *, ...) ALMOST_PRINTF(1,2); - -+#pragma GCC visibility pop -+ - /* End of local_scan.h */ ---- a/src/readconf.c -+++ b/src/readconf.c -@@ -199,6 +199,9 @@ static optionlist optionlist_config[] = - { "local_from_prefix", opt_stringptr, &local_from_prefix }, - { "local_from_suffix", opt_stringptr, &local_from_suffix }, - { "local_interfaces", opt_stringptr, &local_interfaces }, -+#ifdef DLOPEN_LOCAL_SCAN -+ { "local_scan_path", opt_stringptr, &local_scan_path }, -+#endif - #ifdef HAVE_LOCAL_SCAN - { "local_scan_timeout", opt_time, &local_scan_timeout }, - #endif diff -Nru exim4-4.92/debian/patches/series exim4-4.92/debian/patches/series --- exim4-4.92/debian/patches/series 2019-02-17 13:13:18.000000000 +0100 +++ exim4-4.92/debian/patches/series 2019-04-07 13:39:31.000000000 +0200 @@ -10,4 +10,9 @@ 75_02-Fix-transport-buffer-size-handling.patch 75_03-Fix-info-on-using-local_scan-in-the-default-Makefile.patch 75_04-GnuTLS-Fix-client-detection-of-server-reject-of-clie.patch -90_localscan_dlopen.dpatch +75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch +75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch +75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch +75_08-Logging-fix-initial-listening-on-log-line.patch +75_09-OpenSSL-Fix-aggregation-of-messages.patch +75_10-Harden-plaintext-authenticator.patch diff -Nru exim4-4.92/debian/README.Debian.xml exim4-4.92/debian/README.Debian.xml --- exim4-4.92/debian/README.Debian.xml 2019-02-17 13:13:18.000000000 +0100 +++ exim4-4.92/debian/README.Debian.xml 2019-04-07 13:39:31.000000000 +0200 
@@ -635,7 +635,7 @@ </listitem> <listitem> <simpara> - It allows other packages (e.g. sa-exim) to + It allows other packages to modify Exim's configuration by dropping files into <filename>/etc/exim4/conf.d</filename>. 
@@ -1716,6 +1716,46 @@ </section> </section> </section> + <section> <title>Notes on running SpamAssassin at SMTP time</title> + <para> + Exim can run + <ulink url="https://spamassassin.apache.org/"> + SpamAssassin</ulink> while receiving a message by SMTP which + allows one to avoid acceptance of spam messages. The Debian + configuration contains some example code for running SpamAssassin, + but like all filtering this needs to be handled carefully. + </para> + <para> + SpamAssassin's default report should not be used in a add_header + statement since it contains empty lines. (This triggers e.g. + Amavis' warning "BAD HEADER SECTION, Improper folded header field + made up entirely of whitespace".) This is a safe, terse alternative: + <programlisting> + clear_report_template + report (_SCORE_ / _REQD_ requ) _TESTSSCORES(,)_ autolearn=_AUTOLEARN_ + </programlisting> + </para> + <para> + Rejecting spam messages: Do not reject spam-messages received on + (non-spam) mailing lists, this can/will cause auto-unsubscription. + This also applies to messages received via forwarding services + (e.g. @debian.org addresses). If theses messages are rejected the + forwarding services will need to send a bounce address to the + spammer and will probably disable the forwarding if it happens all + the time. You will need to have some kind of whitelist to exclude + these hosts. + </para> + <para> + Security considerations: By default <command>spamd</command> + runs as root and changes uid/gid to the requested user to run + SpamAssassin. The example uses SpamAssassin default non-privileged + user (nobody) which prevents use of Bayesian filtering since this + requires persistent storage. You might want to setup a dedicated + user for exim spam scanning and use that one, either for a separate + SpamAssassin user profile or to run SpamAssassin as non-privileged + user. + </para> + </section> </section> <section> <title>Updating from Exim 3</title> 
@@ -1910,17 +1950,6 @@ </listitem> </itemizedlist> </listitem> - <listitem> - <simpara> - <ulink - url="http://marc.merlins.org/linux/exim/files/sa-exim-current/">localscan_dlopen.patch</ulink>: - This patch makes it possible to use and switch between - different local_scan - functions without recompiling Exim. Use - local_scan_path = /path/to/sharedobject to utilize - local_scan() in <filename>/path/to/sharedobject</filename>. - </simpara> - </listitem> </itemizedlist> </section> diff -Nru exim4-4.92/debian/rules exim4-4.92/debian/rules --- exim4-4.92/debian/rules 2018-12-15 16:02:45.000000000 +0100 +++ exim4-4.92/debian/rules 2019-04-07 13:39:31.000000000 +0200 @@ -280,13 +280,6 @@ override_dh_installinit: dh_installinit --noscripts --name=exim4 -override_dh_install: - # install config.h from daemon package, but not from exim4-daemon-light - dh_install -p exim4-dev \ - $(shell ls -1 b-exim4-daemon-*/build-$(buildname)/config.h | grep -v ^b-exim4-daemon-light/) \ - usr/include/exim4 - dh_install - override_dh_link: rm -rf debian/exim4/usr/share/doc/exim4 dh_link
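Review bot: in the src/dns.c hunk of 75_07, the two guarded loops (while (*checkname && *checkname++ != '.') ;) can now stop at the terminating NUL when the name has fewer than two dots, and the resulting empty string is still handed to pcre_exec with length 0. The comment above the loops should state what outcome is intended in that case. It also still reads "For an SRV lookup" although the condition covers T_TLSA as well.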
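Review bot: in the src/daemon.c hunks of 75_08, both new loops are written as for (int j = 0, i; j < 2; j++) while the unchanged context line int i, j; at the top of the block is kept, so the loop variables shadow the outer pair, which then looks unused in the visible code. Keep one declaration or the other; having both trips -Wshadow and leaves a reader unsure which i the inner i < 10 limit refers to.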
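Review bot: in the tls_write hunks of 75_09, the guard if (!ct_ctx && (more || corked)) is an unchanged context line, so inside that block corkedp can only ever be &server_corked. The new corked member of exim_openssl_client_tls_ctx is set to NULL at allocation but never stored to in the visible lines. Either the guard is meant to admit client contexts too, or the added comment ("using a separate client context for the stashed information") needs to say where the member is actually used.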
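Review bot: in the src/auths/plaintext.c hunk of 75_10, if (--len > ++i) memmove(ss + i, ss + i + 1, len - i); relies on the decrement and increment inside the condition taking effect even when the memmove is skipped, and it hangs off an unbraced if / if / else chain. Writing it as separate statements inside braces (i++; len--; then the guarded memmove) would make the bound check obvious. The diffstat touches only doc/ChangeLog and src/auths/plaintext.c, so a regression test for the misconfigured client-send string described in JH/11 is missing.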
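Review bot: the new "Notes on running SpamAssassin at SMTP time" section in the README.Debian.xml hunk needs a proofreading pass: "a add_header" should be "an add_header", "theses messages" should be "these messages", and "send a bounce address to the spammer" presumably means a bounce message. The security paragraph says the example runs as the user nobody but does not name the file or option where that is set, which a reader switching to a dedicated user would need.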