This forked repo has some libspf2 fixes: https://github.com/nomis/libspf2/commits/sa
It does have a fix for an int underflow in macro parsing (https://github.com/shevek/libspf2/pull/44) but there's not enough information about the anonymous/ZDI reported vulnerability to know if that's the same. The commits look sane to me. Might be worth picking this up for release, though let's also see if anything further is mentioned about libspf2 when exim release something in ~40 mins. Index: Makefile =================================================================== RCS file: /cvs/ports/mail/libspf2/Makefile,v retrieving revision 1.18 diff -u -p -r1.18 Makefile --- Makefile 11 Mar 2022 19:34:39 -0000 1.18 +++ Makefile 2 Oct 2023 10:59:28 -0000 @@ -1,10 +1,11 @@ COMMENT= SPF library -GH_ACCOUNT= shevek +#GH_ACCOUNT= shevek +GH_ACCOUNT= nomis GH_PROJECT= libspf2 -GH_COMMIT= 4915c308d57ff3abac9fb241f09c4bed2ab54815 +GH_COMMIT= 57320dc7fd54f4cdff23067999416d9e66102452 -DISTNAME= libspf2-1.2.11pre20210609 +DISTNAME= libspf2-1.2.11pre20230930 SHARED_LIBS += spf2 4.0 # 3.0 Index: distinfo =================================================================== RCS file: /cvs/ports/mail/libspf2/distinfo,v retrieving revision 1.5 diff -u -p -r1.5 distinfo --- distinfo 12 Aug 2021 10:44:23 -0000 1.5 +++ distinfo 2 Oct 2023 10:59:28 -0000 @@ -1,2 +1,2 @@ -SHA256 (libspf2-1.2.11pre20210609-4915c308.tar.gz) = 1S2zOt1D7pPnkpo+eLk4lVkrdHJltj+W2m97PeLiZEk= -SIZE (libspf2-1.2.11pre20210609-4915c308.tar.gz) = 565497 +SHA256 (libspf2-1.2.11pre20230930-57320dc7.tar.gz) = 4Amk57q3+OiIp2/N1jCsy1Q5236y02fhhz+2wefTEI8= +SIZE (libspf2-1.2.11pre20230930-57320dc7.tar.gz) = 565432 Index: patches/patch-src_libspf2_spf_compile_c =================================================================== RCS file: /cvs/ports/mail/libspf2/patches/patch-src_libspf2_spf_compile_c,v retrieving revision 1.6 diff -u -p -r1.6 patch-src_libspf2_spf_compile_c --- patches/patch-src_libspf2_spf_compile_c 11 Mar 2022 19:34:39 -0000 1.6 +++ patches/patch-src_libspf2_spf_compile_c 2 Oct 2023 10:59:28 -0000 @@ -1,6 +1,7 @@ ---- src/libspf2/spf_compile.c.orig Mon Feb 20 08:26:43 2012 -+++ src/libspf2/spf_compile.c Wed Apr 19 18:53:10 2017 -@@ -577,7 +577,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, +Index: src/libspf2/spf_compile.c +--- src/libspf2/spf_compile.c.orig ++++ src/libspf2/spf_compile.c +@@ -582,7 +582,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, switch (src[idx]) { case '%': if (spf_server->debug > 3) @@ -9,7 +10,7 @@ SPF_ENSURE_STRING_AVAIL(1); *dst++ = '%'; ds_len++; -@@ -586,7 +586,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, +@@ -591,7 +591,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, case '_': if (spf_server->debug > 3) @@ -18,7 +19,7 @@ SPF_ENSURE_STRING_AVAIL(1); *dst++ = ' '; ds_len++; -@@ -595,7 +595,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, +@@ -600,7 +600,7 @@ SPF_c_parse_macro(SPF_server_t *spf_server, case '-': if (spf_server->debug > 3) @@ -27,14 +28,3 @@ SPF_ENSURE_STRING_AVAIL(3); *dst++ = '%'; *dst++ = '2'; *dst++ = '0'; ds_len += 3; -@@ -604,8 +604,8 @@ SPF_c_parse_macro(SPF_server_t *spf_server, - - default: - if (spf_server->debug > 3) -- SPF_debugf("Adding illegal %%-follower '%c' at %d", -- src[idx], idx); -+ SPF_debugf("Adding illegal %%-follower '%c' at %lu", -+ src[idx], (unsigned long)idx); - /* SPF spec says to treat it as a literal, not - * SPF_E_INVALID_ESC */ - /* FIXME issue a warning? */ Index: patches/patch-src_libspf2_spf_dns_c =================================================================== RCS file: /cvs/ports/mail/libspf2/patches/patch-src_libspf2_spf_dns_c,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_libspf2_spf_dns_c --- patches/patch-src_libspf2_spf_dns_c 11 Mar 2022 19:34:39 -0000 1.3 +++ patches/patch-src_libspf2_spf_dns_c 2 Oct 2023 10:59:28 -0000 @@ -1,6 +1,7 @@ ---- src/libspf2/spf_dns.c.orig Wed Apr 19 18:35:29 2017 -+++ src/libspf2/spf_dns.c Wed Apr 19 18:35:40 2017 -@@ -105,7 +105,7 @@ SPF_dns_debug_post(SPF_dns_server_t *spf_dns_server, S +Index: src/libspf2/spf_dns.c +--- src/libspf2/spf_dns.c.orig ++++ src/libspf2/spf_dns.c +@@ -101,7 +101,7 @@ SPF_dns_debug_post(SPF_dns_server_t *spf_dns_server, S break; default: Index: patches/patch-src_libspf2_spf_dns_cache_c =================================================================== RCS file: patches/patch-src_libspf2_spf_dns_cache_c diff -N patches/patch-src_libspf2_spf_dns_cache_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_libspf2_spf_dns_cache_c 2 Oct 2023 10:59:28 -0000 @@ -0,0 +1,15 @@ +985d7d0fdca3 removes the fallback definition for ns_t_spf and other +uses of the SPF RRtype, but this was left + +Index: src/libspf2/spf_dns_cache.c +--- src/libspf2/spf_dns_cache.c.orig ++++ src/libspf2/spf_dns_cache.c +@@ -342,7 +342,7 @@ SPF_dns_cache_rr_fixup(SPF_dns_cache_config_t *spfhook + cached_rr->ttl = spfhook->min_ttl; + + if ( cached_rr->ttl < spfhook->txt_ttl +- && cached_rr->rr_type == ns_t_txt || cached_rr->rr_type == ns_t_spf ) ++ && cached_rr->rr_type == ns_t_txt ) + cached_rr->ttl = spfhook->txt_ttl; + + if ( cached_rr->ttl < spfhook->err_ttl Index: patches/patch-src_libspf2_spf_dns_resolv_c =================================================================== RCS file: /cvs/ports/mail/libspf2/patches/patch-src_libspf2_spf_dns_resolv_c,v retrieving revision 1.5 diff -u -p -r1.5 patch-src_libspf2_spf_dns_resolv_c --- patches/patch-src_libspf2_spf_dns_resolv_c 11 Mar 2022 19:34:39 -0000 1.5 +++ patches/patch-src_libspf2_spf_dns_resolv_c 2 Oct 2023 10:59:28 -0000 @@ -1,7 +1,27 @@ +#1, #2: +985d7d0fdca3 removes the fallback definition for ns_t_spf and other +uses of the SPF RRtype, but this was left + Index: src/libspf2/spf_dns_resolv.c --- src/libspf2/spf_dns_resolv.c.orig +++ src/libspf2/spf_dns_resolv.c -@@ -609,7 +609,10 @@ SPF_dns_resolv_free(SPF_dns_server_t *spf_dns_server) +@@ -179,7 +179,6 @@ SPF_dns_resolv_debug(SPF_dns_server_t *spf_dns_server, + SPF_debugf("MX: %d %s", prio, name_buf); + break; + +- case ns_t_spf: + case ns_t_txt: + if (rdlen < 1) { + SPF_debugf(ns_rr_type(rr) == ns_t_txt ? "TXT" : "SPF" ": rdlen too short: %lu", (unsigned long)rdlen); +@@ -510,7 +509,6 @@ SPF_dns_resolv_lookup(SPF_dns_server_t *spf_dns_server + cnt++; + break; + +- case ns_t_spf: + case ns_t_txt: + if (rdlen > 1) { + u_char *src, *dst; +@@ -608,7 +606,10 @@ SPF_dns_resolv_free(SPF_dns_server_t *spf_dns_server) SPF_ASSERT_NOTNULL(spf_dns_server); #if ! HAVE_DECL_RES_NINIT