CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2016/12/25 14:13:35
Modified files:
mail/exim : Makefile distinfo
mail/exim/patches: patch-scripts_exim_install
Removed files:
mail/exim/patches: patch-src_tls-openssl_c
Log message:
security update to exim-4.88, changelog includes
JH/27 Fix a possible security hole, wherein a process operating with the Exim
UID can gain a root shell. Credit to http://www.halfdog.net/ for
discovery and writeup. Ubuntu bug 1580454; no bug raised against Exim
itself :(
JH/34 SECURITY: Use proper copy of DATA command in error message.
Could leak key material. Remotely explaoitable. CVE-2016-9963.
whoever decided to have an embargo period ending on 25 December: this was
not a particularly good idea
