CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2012/10/26 02:50:01
Modified files:
mail/exim : Makefile
Added files:
mail/exim/patches: patch-src_dkim_c patch-src_pdkim_pdkim_h
Log message:
SECURITY fix for Exim CVE-2012-5671 - Remote code execution with DKIM decoding
Workaround: "You are not vulnerable if <...> you put this at the start
of an ACL plumbed into acl_smtp_connect or acl_smtp_rcpt:
warn control = dkim_disable_verify"
This is backported from the diff between exim 4.80 and 4.80.1
(not updating fully to 4.80.1 yet as this small diff is safer to commit)
same diff rpointel@
