Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2017-11-28 14:04:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "exim" Tue Nov 28 14:04:27 2017 rev:46 rq:545933 version:4.88 Changes: -------- --- /work/SRC/openSUSE:Factory/exim/exim.changes 2017-11-25 08:43:02.597417626 +0100 +++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-11-28 14:04:30.132621560 +0100 @@ -1,0 +2,23 @@ +Mon Nov 27 10:36:17 UTC 2017 - dmuel...@suse.com + +- update to 4.88: + drops fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch, + exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch +- remove exim4-manpages.tar.bz2: upstream does not exist anymore +- update keyring + +------------------------------------------------------------------- +Mon Nov 27 08:52:33 UTC 2017 - kstreit...@suse.com + +- add exim-4.86.2-mariadb_102_compile_fix.patch to fix compilation + with the mariadb 10.2 (in our case the build with libmariadb + library from the mariadb-connector-c package) + * upstream commits: a12400fd4493b676e71613ab429e731f777ebd1e and + 31beb7972466a33a88770eacbce13490f2ddadc2 + +------------------------------------------------------------------- +Mon Nov 27 06:45:14 UTC 2017 - meiss...@suse.com + +- exim-CVE-2017-16943.patch: fixed possible code execution (CVE-2017-16943 bsc#1069857) + +------------------------------------------------------------------- Old: ---- exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch exim-4.86.2.tar.bz2 exim-4.86.2.tar.bz2.asc exim4-manpages.tar.bz2 fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch New: ---- exim-4.86.2-mariadb_102_compile_fix.patch exim-4.88.tar.bz2 exim-4.88.tar.bz2.asc exim-CVE-2017-16943.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ exim.spec ++++++ --- /var/tmp/diff_new_pack.FXdMoQ/_old 2017-11-28 14:04:31.164584041 +0100 +++ /var/tmp/diff_new_pack.FXdMoQ/_new 2017-11-28 14:04:31.168583895 +0100 
@@ -78,7 +78,7 @@ %endif Requires(pre): fileutils textutils %endif -Version: 4.86.2 +Version: 4.88 Release: 0 %if %{with_mysql} BuildRequires: mysql-devel @@ -102,15 +102,14 @@ Source11: exim.rc Source12: permissions.exim Source13: apparmor.usr.sbin.exim -Source20: http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/exim4-manpages.tar.bz2 Source30: eximstats-html-update.py Source31: eximstats.conf Source32: eximstats.conf-2.2 Source40: exim.service Patch0: exim-tail.patch -Patch1: exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch -Patch2: fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch Patch3: exim-CVE-2017-1000369.patch +Patch4: exim-CVE-2017-16943.patch +Patch5: exim-4.86.2-mariadb_102_compile_fix.patch %package -n eximon Summary: Eximon, an graphical frontend to administer Exim's mail queue @@ -153,9 +152,9 @@ %prep %setup -q -n exim-%{version} %patch0 -%patch1 -p 1 -%patch2 -p 1 %patch3 -p 1 +%patch4 -p 1 +%patch5 -p 1 # build with fPIE/pie on SUSE 10.0 or newer, or on any other platform %if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 fPIE="-fPIE" @@ -291,6 +290,7 @@ EXPERIMENTAL_PROXY=yes EXPERIMENTAL_CERTNAMES=yes EXPERIMENTAL_DSN=yes + SYSTEM_ALIASES_FILE=/etc/aliases %if %{with dane} EXPERIMENTAL_DANE=yes %endif @@ -326,7 +326,7 @@ inst_info=$RPM_BUILD_ROOT/%{_infodir} \ INSTALL_ARG=-no_chown install #mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim -mv $RPM_BUILD_ROOT/usr/sbin/exim-4.86* $RPM_BUILD_ROOT/usr/sbin/exim +mv $RPM_BUILD_ROOT/usr/sbin/exim-4.8* $RPM_BUILD_ROOT/usr/sbin/exim mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all substitutions done %if 0%{?suse_version} > 1220 install -m 0644 %{S:40} $RPM_BUILD_ROOT/%{_unitdir}/exim.service 
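Review bot: The `mv` in the @@ -326 hunk still picks the installed binary with a hand-written glob, now `exim-4.8*`, so the step has to be edited again at the next version series, and it fails if the glob ever matches more than one file under `usr/sbin`. The commented-out line directly above it already has the version-independent form; unless it was disabled for a reason not visible here, prefer `mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim`. If the literal glob has to stay, add a short comment saying why `%{version}` cannot be used. The %install section starts and continues outside this hunk.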
@@ -355,8 +355,6 @@ # man pages mv doc/exim.8 $RPM_BUILD_ROOT/%{_mandir}/man8/ pod2man --center=EXIM --section=8 $RPM_BUILD_ROOT/usr/sbin/eximstats > $RPM_BUILD_ROOT/%{_mandir}/man8/eximstats.8 -tar xvjf %{S:20} -cp -p exim4-manpages/* $RPM_BUILD_ROOT/%{_mandir}/man8/ for i in \ sendmail \ runq \ ++++++ exim-4.86.2-mariadb_102_compile_fix.patch ++++++ Index: exim-4.86.2/src/lookups/mysql.c =================================================================== --- exim-4.86.2.orig/src/lookups/mysql.c +++ exim-4.86.2/src/lookups/mysql.c 
@@ -14,6 +14,53 @@ functions. */ #include <mysql.h> /* The system header */ +/* We define symbols for *_VERSION_ID (numeric), *_VERSION_STR (char*) +and *_BASE_STR (char*). It's a bit of guesswork. Especially for mariadb +with versions before 10.2, as they do not define there there specific symbols. +*/ + +// Newer (>= 10.2) MariaDB +#if defined MARIADB_VERSION_ID +#define EXIM_MxSQL_VERSION_ID MARIADB_VERSION_ID + +// MySQL defines MYSQL_VERSION_ID, and MariaDB does so +// https://dev.mysql.com/doc/refman/5.7/en/c-api-server-client-versions.html +#elif defined LIBMYSQL_VERSION_ID +#define EXIM_MxSQL_VERSION_ID LIBMYSQL_VERSION_ID +#elif defined MYSQL_VERSION_ID +#define EXIM_MxSQL_VERSION_ID MYSQL_VERSION_ID + +#else +#define EXIM_MYSQL_VERSION_ID 0 +#endif + +// Newer (>= 10.2) MariaDB +#ifdef MARIADB_CLIENT_VERSION_STR +#define EXIM_MxSQL_VERSION_STR MARIADB_CLIENT_VERSION_STR + +// Mysql uses MYSQL_SERVER_VERSION +#elif defined LIBMYSQL_VERSION +#define EXIM_MxSQL_VERSION_STR LIBMYSQL_VERSION +#elif defined MYSQL_SERVER_VERSION +#define EXIM_MxSQL_VERSION_STR MYSQL_SERVER_VERSION + +#else +#define EXIM_MxSQL_VERSION_STR "N.A." +#endif + +#if defined MARIADB_BASE_VERSION +#define EXIM_MxSQL_BASE_STR MARIADB_BASE_VERSION + +#elif defined MARIADB_PACKAGE_VERSION +#define EXIM_MxSQL_BASE_STR "mariadb" + +#elif defined MYSQL_BASE_VERSION +#define EXIM_MxSQL_BASE_STR MYSQL_BASE_VERSION + +#else +#define EXIM_MxSQL_BASE_STR "n.A." +#endif + /* Structure and anchor for caching connections. */ 
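Review bot: The `#else` branch of the first `#if` chain defines `EXIM_MYSQL_VERSION_ID`, not `EXIM_MxSQL_VERSION_ID`. If none of `MARIADB_VERSION_ID`, `LIBMYSQL_VERSION_ID` or `MYSQL_VERSION_ID` is defined, the macro that `mysql_version_report()` uses in the following hunk is left undefined and that function would not compile; the line should read `#define EXIM_MxSQL_VERSION_ID 0`. In that later hunk the value is cast with `(long)` but printed with `%lu`; `(unsigned long)EXIM_MxSQL_VERSION_ID` matches the specifier. The header comment also has a doubled "there there", and the comment "Mysql uses MYSQL_SERVER_VERSION" sits above a branch that tests `LIBMYSQL_VERSION` first, so the comments should be brought in line with the order of the tests.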
@@ -423,10 +470,10 @@ return quoted; void mysql_version_report(FILE *f) { -fprintf(f, "Library version: MySQL: Compile: %s [%s]\n" - " Runtime: %s\n", - MYSQL_SERVER_VERSION, MYSQL_COMPILATION_COMMENT, - mysql_get_client_info()); +fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n" + " Runtime: %lu %s\n", + (long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR, + mysql_get_client_version(), mysql_get_client_info()); #ifdef DYNLOOKUP fprintf(f, " Exim version %s\n", EXIM_VERSION_STR); #endif Index: exim-4.86.2/src/EDITME =================================================================== --- exim-4.86.2.orig/src/EDITME +++ exim-4.86.2/src/EDITME @@ -253,7 +253,7 @@ TRANSPORT_SMTP=yes # you perform upgrades and revert them. You should consider the benefit of # embedding the Exim version number into LOOKUP_MODULE_DIR, so that you can # maintain two concurrent sets of modules. -# +# # *BEWARE*: ability to modify the files in LOOKUP_MODULE_DIR is equivalent to # the ability to modify the Exim binary, which is often setuid root! The Exim # developers only intend this functionality be used by OS software packagers @@ -301,6 +301,7 @@ LOOKUP_DNSDB=yes # LOOKUP_IBASE=yes # LOOKUP_LDAP=yes # LOOKUP_MYSQL=yes +# LOOKUP_MYSQL_PC=mariadb # LOOKUP_NIS=yes # LOOKUP_NISPLUS=yes # LOOKUP_ORACLE=yes ++++++ exim-4.86.2.tar.bz2 -> exim-4.88.tar.bz2 ++++++ ++++ 66032 lines of diff (skipped) ++++++ exim-CVE-2017-16943.patch ++++++ >From 4e6ae6235c68de243b1c2419027472d7659aa2b4 Mon Sep 17 00:00:00 2001 From: Jeremy Harris <jgh146...@wizmail.org> Date: Fri, 24 Nov 2017 20:22:33 +0000 Subject: [PATCH] Avoid release of store if there have been later allocations. Bug 2199 --- src/src/receive.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/src/receive.c b/src/src/receive.c index e7e518a..d9b5001 100644 --- a/src/receive.c +++ b/src/receive.c 
@@ -1810,8 +1810,8 @@ for (;;) (and sometimes lunatic messages can have ones that are 100s of K long) we call store_release() for strings that have been copied - if the string is at the start of a block (and therefore the only thing in it, because we aren't - doing any other gets), the block gets freed. We can only do this because we - know there are no other calls to store_get() going on. */ + doing any other gets), the block gets freed. We can only do this release if + there were no allocations since the once that we want to free. */ if (ptr >= header_size - 4) { @@ -1820,9 +1820,10 @@ for (;;) header_size *= 2; if (!store_extend(next->text, oldsize, header_size)) { + BOOL release_ok = store_last_get[store_pool] == next->text; uschar *newtext = store_get(header_size); memcpy(newtext, next->text, ptr); - store_release(next->text); + if (release_ok) store_release(next->text); next->text = newtext; } } -- 1.9.1 ++++++ exim.keyring ++++++ ++++ 6838 lines (skipped) ++++ between exim.keyring ++++ and /work/SRC/openSUSE:Factory/.exim.new/exim.keyring
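Review bot: In the @@ -1820 hunk, `release_ok` is only meaningful because it is evaluated before `store_get(header_size)`, which presumably updates `store_last_get[store_pool]`; nothing in the code records that the order matters, and a later tidy-up that moves the declaration below the allocation would change what is being compared. A comment above the declaration would pin this, e.g. `/* sample before store_get(): only the most recent allocation in this pool may be released */`. When `release_ok` is false the old `next->text` block is simply left allocated, presumably until the pool is reset, and the rewritten block comment in the @@ -1810 hunk should say so (it also has the typo "the once"). The enclosing `for (;;)` loop starts and ends outside both hunks, so whether anything else still points into the old `next->text` cannot be checked from this page.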