Richard Jones via Exim-users <[email protected]> (Do 12 Sep 2019 14:36:41 CEST): > On Sep 12, Heiko Schlittermann via Exim-users wrote > > If you're out of luck, either upgrade your Debian system to a recent > > one, or prepare to compile Exim on your own. (This is not as hard as it > > seems, but you have to care about further updates manually). > > I don't suppose anyone has magical instructions on how to do this for > exim4-daemon-heavy?
If you only want to backport the CVE patch, this should be simple, if
you're experience somewhat in re-building Debian packages.
From my mind:
# cd $WORKSPACE
apt source exim4-daemon-heavy
apt install build-depends exim4-daemon-heavy
# chdir into to the new created exim-<version> directory
# apply the patch (it is a one liner in src/string.c)
# edit debian/changelog # there exist tools for doing it, like dch
# take care to create a new incremented
# version not conflicting with further
# versions from Upstream
dpkg-buildpackage -uc -us # rebuild, do not sign anything
cd ..
Be happy with your fresh created *deb files
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
