commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-08-25 09:32:40
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.3399 (New)
Package is "exim"
Tue Aug 25 09:32:40 2020 rev:64 rq:828909 version:4.94
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-06-09
00:09:28.802314148 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.3399/exim.changes 2020-08-25
09:34:25.816059300 +0200
@@ -0,0 +1,5 @@
+Mon Aug 24 11:13:55 CEST 2020 - wullin...@rz.uni-kiel.de
+
+- bring back missing exim_db.8 manual page
+ (fixes bsc#1173693)
+
New:
exim_db.8.gz
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.SRI0hj/_old 2020-08-25 09:34:34.532064386 +0200
+++ /var/tmp/diff_new_pack.SRI0hj/_new 2020-08-25 09:34:34.540064390 +0200
@@ -100,6 +100,7 @@
Source31: eximstats.conf
Source32: eximstats.conf-2.2
Source40: exim.service
+Source41: exim_db.8.gz
Patch0: exim-tail.patch
Patch1: gnu_printf.patch
Patch2: patch-exim-4.94+fixes-0e8319c3edebfec2158fbaa4898af27cb3225c99
@@ -346,6 +347,8 @@
install -m 0644 %{S:2} $RPM_BUILD_ROOT/etc/logrotate.d/exim
# man pages
mv doc/exim.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
+cp $RPM_SOURCE_DIR/exim_db.8.gz $RPM_BUILD_ROOT/%{_mandir}/man8
+gunzip $RPM_BUILD_ROOT/%{_mandir}/man8/exim_db.8.gz
pod2man --center=EXIM --section=8 $RPM_BUILD_ROOT/usr/sbin/eximstats >
$RPM_BUILD_ROOT/%{_mandir}/man8/eximstats.8
for i in \
sendmail \
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-06-09 00:07:17
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.3606 (New)
Package is "exim"
Tue Jun 9 00:07:17 2020 rev:63 rq:812519 version:4.94
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-06-03
20:35:19.437699474 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.3606/exim.changes 2020-06-09
00:09:28.802314148 +0200
@@ -0,0 +1,21 @@
+Mon Jun 8 11:24:08 CEST 2020 - wullin...@rz.uni-kiel.de
+
+- bring in changes from current +fixes (lots of taint check fixes)
+ * Bug 1329: Fix format of Maildir-format filenames to match other mail-
+related applications. Previously an "H" was used where available info
+says that "M" should be, so change to match.
+
+ * Bug 2587: Fix pam expansion condition. Tainted values are commonly used
+as arguments, so an implementation trying to copy these into a local
+buffer was taking a taint-enforcement trap. Fix by using dynamically
+created buffers.
+
+ * Bug 2586: Fix listcount expansion operator. Using tainted arguments is
+reasonable, eg. to count headers. Fix by using dynamically created
+buffers rather than a local. Do similar fixes for ACL actions "dcc",
+"log_reject_target", "malware" and "spam"; the arguments are expanded
+so could be handling tainted values.
+ * Bug 2590: Fix -bi (newaliases). A previous code rearrangement had
+broken the (no-op) support for this sendmail command. Restore it
+to doing nothing, silently, and returning good status.
+
New:
patch-exim-4.94+fixes-0e8319c3edebfec2158fbaa4898af27cb3225c99
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.rR5tPX/_old 2020-06-09 00:09:31.474322348 +0200
+++ /var/tmp/diff_new_pack.rR5tPX/_new 2020-06-09 00:09:31.478322361 +0200
@@ -73,7 +73,7 @@
Requires(pre): fileutils textutils
%endif
Version:4.94
-Release:1
+Release:2
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -102,6 +102,7 @@
Source40: exim.service
Patch0: exim-tail.patch
Patch1: gnu_printf.patch
+Patch2: patch-exim-4.94+fixes-0e8319c3edebfec2158fbaa4898af27cb3225c99
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -145,6 +146,7 @@
%setup -q -n exim-%{version}
%patch0
%patch1 -p1
+%patch2 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
++ patch-exim-4.94+fixes-0e8319c3edebfec2158fbaa4898af27cb3225c99 ++
diff -ru a/README.UPDATING b/README.UPDATING
--- a/README.UPDATING 2020-05-30 22:35:38.0 +0200
+++ b/README.UPDATING 2020-06-08 10:36:12.136106000 +0200
@@ -31,9 +31,9 @@
Some Transports now refuse to use tainted data in constructing their delivery
location; this WILL BREAK configurations which are not updated accordingly.
-In particular: any Transport use of $local_user which has been relying upon
+In particular: any Transport use of $local_part which has been relying upon
check_local_user far away in the Router to make it safe, should be updated to
-replace $local_user with $local_part_data.
+replace $local_part with $local_part_data.
Attempting to remove, in router or transport, a header name that ends with
an asterisk (which is a standards-legal name) will now result in all headers
diff -ru a/src/acl.c b/src/acl.c
--- a/src/acl.c 2020-05-30 22:35:38.0 +0200
+++ b/src/acl.c 2020-06-08 10:36:13.865973000 +0200
@@ -3349,11 +3349,11 @@
{
/* Separate the regular expression and any optional parameters. */
const uschar * list = arg;
- uschar *ss = string_nextinlist(, , big_buffer, big_buffer_size);
+ uschar *ss = string_nextinlist(, , NULL, 0);
/* Run the dcc backend. */
rc = dcc_process();
/* Modify return code based upon the existence of options. */
- while ((ss = string_nextinlist(, , big_buffer,
big_buffer_size)))
+ while ((ss = string_nextinlist(, , NULL, 0)))
if (strcmpic(ss, US"defer_ok") == 0 && rc == DEFER)
rc = FAIL; /* FAIL so that the message is passed to the next ACL */
}
@@ -3514,7 +3514,7 @@
int sep = 0;
const uschar *s = arg;
uschar * ss;
- while ((ss = string_nextinlist(, , big_buffer, big_buffer_size)))
+ while ((ss = string_nextinlist(, , NULL, 0)))
{
if (Ustrcmp(ss, "main") == 0) logbits |= LOG_MAIN;
else if (Ustrcmp(ss, "panic") == 0) logbits |= LOG_PANIC;
@@ -3567,7 +3567,7 @@
{
/* Separate
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-06-03 20:34:42
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.3606 (New)
Package is "exim"
Wed Jun 3 20:34:42 2020 rev:62 rq:810991 version:4.94
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-05-20
18:45:33.121294421 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.3606/exim.changes 2020-06-03
20:35:19.437699474 +0200
@@ -0,0 +1,14 @@
+Tue Jun 2 07:12:55 CEST 2020 - wullin...@rz.uni-kiel.de
+
+- update to exim 4.94
+ * some transports now refuse to use tainted data in constructing their
delivery
+location
+this WILL BREAK configurations which are not updated accordingly.
+In particular: any Transport use of $local_user which has been relying upon
+check_local_user far away in the Router to make it safe, should be updated
to
+replace $local_user with $local_part_data.
+ * Attempting to remove, in router or transport, a header name that ends with
+an asterisk (which is a standards-legal name) will now result in all
headers
+named starting with the string before the asterisk being removed.
+
+---
Old:
exim-4.93.0.4.tar.bz2
exim-4.93.0.4.tar.bz2.asc
patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94
New:
exim-4.94.tar.bz2
exim-4.94.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.V6BqyU/_old 2020-06-03 20:35:21.557706120 +0200
+++ /var/tmp/diff_new_pack.V6BqyU/_new 2020-06-03 20:35:21.561706132 +0200
@@ -72,8 +72,8 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.93.0.4
-Release:4
+Version:4.94
+Release:1
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -87,8 +87,8 @@
License:GPL-2.0-or-later
Group: Productivity/Networking/Email/Servers
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source:
http://ftp.exim.org/pub/exim/exim4/fixes/exim-%{version}.tar.bz2
-Source3:
http://ftp.exim.org/pub/exim/exim4/fixes/exim-%{version}.tar.bz2.asc
+Source: http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2
+Source3:http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2.asc
# http://ftp.exim.org/pub/exim/Exim-Maintainers-Keyring.asc
Source4:exim.keyring
Source1:sysconfig.exim
@@ -102,7 +102,6 @@
Source40: exim.service
Patch0: exim-tail.patch
Patch1: gnu_printf.patch
-Patch2: patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -146,7 +145,6 @@
%setup -q -n exim-%{version}
%patch0
%patch1 -p1
-%patch2 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
@@ -227,7 +225,6 @@
AUTH_TLS=yes
AUTH_LIBS=-lsasl2
USE_OPENSSL=yes
- SUPPORT_TLS=yes
TLS_LIBS=-lssl -lcrypto
INFO_DIRECTORY=%{_infodir}
LOG_FILE_PATH=/var/log/exim/%%s.log
++ exim-4.93.0.4.tar.bz2 -> exim-4.94.tar.bz2 ++
30964 lines of diff (skipped)
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-05-20 18:44:42
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.2738 (New)
Package is "exim"
Wed May 20 18:44:42 2020 rev:61 rq:807583 version:4.93.0.4
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-05-15
23:51:25.033440153 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.2738/exim.changes 2020-05-20
18:45:33.121294421 +0200
@@ -0,0 +1,5 @@
+Tue May 19 13:47:05 CEST 2020 - wullin...@rz.uni-kiel.de
+- switch pretrans to use lua
+ (fixes bsc#1171877)
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.KTZxQv/_old 2020-05-20 18:45:34.113296650 +0200
+++ /var/tmp/diff_new_pack.KTZxQv/_new 2020-05-20 18:45:34.117296659 +0200
@@ -73,7 +73,7 @@
Requires(pre): fileutils textutils
%endif
Version:4.93.0.4
-Release:3
+Release:4
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -382,20 +382,22 @@
# apparmor profile
install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/usr/share/apparmor/extra-profiles/usr.sbin.exim
-%pretrans
-if [ -d "%{_docdir}/%{name}/doc/cve-2019-13917" ]; then
-moved_suffix=""
-moved_index=""
-while [ -d
"%{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved${moved_suffix}${moved_index}"
]; do
-if [ -z "${moved_suffix}" ]; then
-moved_suffix="."
-moved_index="0"
-else
-moved_index=$((${moved_index} + 1))
-fi
-done
- mv "%{_docdir}/%{name}/doc/cve-2019-13917"
"%{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved${moved_suffix}${moved_index}"
-fi
+%pretrans -p
+docdir = rpm.expand('%{_docdir}')
+pkgname = rpm.expand('%{name}')
+path = docdir .. '/' .. pkgname .. '/doc/cve-2019-13917'
+st = posix.stat(path)
+if st and st.type == "directory" then
+ status = os.rename(path, path .. ".rpmmoved")
+ if not status then
+suffix = 0
+while not status do
+ suffix = suffix + 1
+ status = os.rename(path .. ".rpmmoved", path .. ".rpmmoved." .. suffix)
+end
+os.rename(path, path .. ".rpmmoved")
+ end
+end
%pre
%if 0%{?suse_version} > 1220
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-05-15 23:51:19
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.2738 (New)
Package is "exim"
Fri May 15 23:51:19 2020 rev:60 rq:802874 version:4.93.0.4
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-04-02
17:42:56.505376807 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.2738/exim.changes 2020-05-15
23:51:25.033440153 +0200
@@ -0,0 +1,30 @@
+Tue May 12 08:19:17 UTC 2020 - wullin...@rz.uni-kiel.de
+- bring changes from current in +fixes branch
+ (patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94)
+ * fixes CVE-2020-12783 (bsc#1171490)
+ * Regard command-line recipients as tainted.
+ * Bug 2489: Fix crash in the "pam" expansion condition.
+ * Use tainted buffers for the transport smtp context.
+ * Bug 2493: Harden ARC verify against Outlook, which has been seen to mix
+the ordering of its ARC headers. This caused a crash.
+ * Bug 2492: Use tainted memory for retry record when needed. Previously when
+a new record was being constructed with information from the peer, a trap
+was taken.
+ * Bug 2494: Unset the default for dmarc_tld_file.
+ * Fix an uninitialised flag in early-pipelining. Previously connections
+could, depending on the platform, hang at the STARTTLS response.
+ * Bug 2498: Reset a counter used for ARC verify before handling another
+message on a connection. Previously if one message had ARC headers and
+the following one did not, a crash could result when adding an
+Authentication-Results: header.
+ * Bug 2500: Rewind some of the common-coding in string handling between the
+Exim main code and Exim-related utities.
+ * Fix the variables set by the gsasl authenticator.
+ * Bug 2507: Modules: on handling a dynamic-module (lookups) open failure,
+only retrieve the errormessage once.
+ * Bug 2501: Fix init call in the heimdal authenticator. Previously it
+adjusted the size of a major service buffer; this failed because the
+buffer was in use at the time. Change to a compile-time increase in the
+buffer size, when this authenticator is compiled into exim.
+
+---
New:
patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.gH5tDR/_old 2020-05-15 23:51:26.933443815 +0200
+++ /var/tmp/diff_new_pack.gH5tDR/_new 2020-05-15 23:51:26.937443822 +0200
@@ -73,7 +73,7 @@
Requires(pre): fileutils textutils
%endif
Version:4.93.0.4
-Release:2
+Release:3
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -102,6 +102,7 @@
Source40: exim.service
Patch0: exim-tail.patch
Patch1: gnu_printf.patch
+Patch2: patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -145,6 +146,7 @@
%setup -q -n exim-%{version}
%patch0
%patch1 -p1
+%patch2 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
++ patch-exim-fixes-ee83de04d3087efaf808d1f2235a988275c2ee94 ++
1184 lines (skipped)
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2020-04-02 17:42:55 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new.3248 (New) Package is "exim" Thu Apr 2 17:42:55 2020 rev:59 rq:790806 version:4.93.0.4 Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2020-04-01 19:20:24.607587044 +0200 +++ /work/SRC/openSUSE:Factory/.exim.new.3248/exim.changes 2020-04-02 17:42:56.505376807 +0200 @@ -2,0 +3,2 @@ + * fixes CVE-2020-8015 (bsc#1154183) + Other differences: --
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-04-01 19:20:17
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.3248 (New)
Package is "exim"
Wed Apr 1 19:20:17 2020 rev:58 rq:790598 version:4.93.0.4
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-01-13
22:21:21.138513440 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new.3248/exim.changes 2020-04-01
19:20:24.607587044 +0200
@@ -0,0 +1,2 @@
+Wed Apr 1 12:52:10 UTC 2020 - wullin...@rz.uni-kiel.de
+- don't create logfiles during install
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.khQHat/_old 2020-04-01 19:20:26.199587761 +0200
+++ /var/tmp/diff_new_pack.khQHat/_new 2020-04-01 19:20:26.203587762 +0200
@@ -73,7 +73,7 @@
Requires(pre): fileutils textutils
%endif
Version:4.93.0.4
-Release:1
+Release:2
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -415,10 +415,6 @@
echo copying default config file to /etc/exim/exim.conf
fi
fi
-# create logfiles if missing
-for i in var/log/exim/main.log var/log/exim/panic.log var/log/exim/reject.log;
do
- if ! test -e $i; then touch $i; chown mail:mail $i; chmod 640 $i ; fi
-done
%if 0%{?suse_version} > 1220
%{fillup_only}
%service_add_post exim.service
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-01-13 22:21:13
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.6675 (New)
Package is "exim"
Mon Jan 13 22:21:13 2020 rev:57 rq:763789 version:4.93.0.4
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2020-01-07
23:53:57.256050023 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new.6675/exim.changes 2020-01-13
22:21:21.138513440 +0100
@@ -1,0 +2,4 @@
+Mon Jan 13 08:48:53 CET 2020 - wullin...@rz.uni-kiel.de
+- add a spec-file workaround for bsc#1160726
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.XxKroM/_old 2020-01-13 22:21:21.978513830 +0100
+++ /var/tmp/diff_new_pack.XxKroM/_new 2020-01-13 22:21:21.978513830 +0100
@@ -73,7 +73,7 @@
Requires(pre): fileutils textutils
%endif
Version:4.93.0.4
-Release:0
+Release:1
%if %{with_mysql}
BuildRequires: mysql-devel
%endif
@@ -300,7 +300,6 @@
make
%install
-mkdir -p "$RPM_BUILD_ROOT/%{_docdir}/%{name}"
%if 0%{?suse_version} > 1220
mkdir -p $RPM_BUILD_ROOT/%{_unitdir}
%else
@@ -381,6 +380,21 @@
# apparmor profile
install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/usr/share/apparmor/extra-profiles/usr.sbin.exim
+%pretrans
+if [ -d "%{_docdir}/%{name}/doc/cve-2019-13917" ]; then
+moved_suffix=""
+moved_index=""
+while [ -d
"%{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved${moved_suffix}${moved_index}"
]; do
+if [ -z "${moved_suffix}" ]; then
+moved_suffix="."
+moved_index="0"
+else
+moved_index=$((${moved_index} + 1))
+fi
+done
+ mv "%{_docdir}/%{name}/doc/cve-2019-13917"
"%{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved${moved_suffix}${moved_index}"
+fi
+
%pre
%if 0%{?suse_version} > 1220
%service_add_pre exim.service
@@ -437,6 +451,7 @@
%files
%defattr(-,root,root)
+%ghost %{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved
%doc ACKNOWLEDGMENTS CHANGES LICENCE NOTICE README.UPDATING README
%doc doc
%doc src/configure.default
@@ -475,7 +490,6 @@
/usr/lib/sendmail
%{_fillupdir}/sysconfig.exim
%dir %attr(750,mail,mail) /var/log/exim
-%dir %{_docdir}/%{name}
%files -n eximon
%defattr(-,root,root)
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2020-01-07 23:53:26 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new.6675 (New) Package is "exim" Tue Jan 7 23:53:26 2020 rev:56 rq:761361 version:4.93.0.4 Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2020-01-02 14:43:02.472952099 +0100 +++ /work/SRC/openSUSE:Factory/.exim.new.6675/exim.changes 2020-01-07 23:53:57.256050023 +0100 @@ -1,0 +2,58 @@ +Tue Jan 7 07:50:35 CET 2020 - wullin...@rz.uni-kiel.de + +- update to exim 4.93.0.4 (+fixes release) + * Avoid costly startup code when not strictly needed. This reduces time +for some exim process initialisations. It does mean that the logging +of TLS configuration problems is only done for the daemon startup. + * Early-pipelining support code is now included unless disabled in Makefile. + * DKIM verification defaults no long accept sha1 hashes, to conform to +RFC 8301. They can still be enabled, using the dkim_verify_hashes main +option. + * Support CHUNKING from an smtp transport using a transport_filter, when +DKIM signing is being done. Previously a transport_filter would always +disable CHUNKING, falling back to traditional DATA. + * Regard command-line receipients as tainted. + * Bug 340: Remove the daemon pid file on exit, whe due to SIGTERM. + * Bug 2489: Fix crash in the "pam" expansion condition. It seems that the +PAM library frees one of the arguments given to it, despite the +documentation. Therefore a plain malloc must be used. + * Bug 2491: Use tainted buffers for the transport smtp context. Previously +on-stack buffers were used, resulting in a taint trap when DSN information +copied from a received message was written into the buffer. + * Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix +the ordering of its ARC headers. This caused a crash. + * Bug 2492: Use tainted memory for retry record when needed. Previously when +a new record was being constructed with information from the peer, a trap +was taken. + * Bug 2494: Unset the default for dmarc_tld_file. Previously a naiive +installation would get error messages from DMARC verify, when it hit the +nonexistent file indicated by the default. Distros wanting DMARC enabled +should both provide the file and set the option. +Also enforce no DMARC verification for command-line sourced messages. + * Fix an uninitialised flag in early-pipelining. Previously connections +could, depending on the platform, hang at the STARTTLS response. + * Bug 2498: Reset a counter used for ARC verify before handling another +message on a connection. Previously if one message had ARC headers and +the following one did not, a crash could result when adding an +Authentication-Results: header. + * Bug 2500: Rewind some of the common-coding in string handling between the +Exim main code and Exim-related utities. The introduction of taint +tracking also did many adjustments to string handling. Since then, eximon +frequently terminated with an assert failure. + * When PIPELINING, synch after every hundred or so RCPT commands sent and +check for 452 responses. This slightly helps the inefficieny of doing +a large alias-expansion into a recipient-limited target. The max_rcpt +transport option still applies (and at the current default, will override +the new feature). The check is done for either cause of synch, and forces +a fast-retry of all 452'd recipients using a new MAIL FROM on the same +connection. The new facility is not tunable at this time. + * Fix the variables set by the gsasl authenticator. Previously a pointer to +library live data was being used, so the results became garbage. Make +copies while it is still usable. + * Logging: when the deliver_time selector ise set, include the DT= field +on delivery deferred (==) and failed (**) lines (if a delivery was +attemtped). Previously it was only on completion (=>) lines. + * Authentication: the gsasl driver not provides the $authN variables in time +for the expansion of the server_scram_iter and server_scram_salt options. + +--- Old: exim-4.93.tar.bz2 exim-4.93.tar.bz2.asc New: exim-4.93.0.4.tar.bz2 exim-4.93.0.4.tar.bz2.asc Other differences: -- ++ exim.spec ++ --- /var/tmp/diff_new_pack.nbQeqj/_old 2020-01-07 23:53:58.132050478 +0100 +++ /var/tmp/diff_new_pack.nbQeqj/_new 2020-01-07 23:53:58.136050479 +0100 @@ -72,7 +72,7 @@ %endif Requires(pre): fileutils
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2020-01-02 14:42:37
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.6675 (New)
Package is "exim"
Thu Jan 2 14:42:37 2020 rev:55 rq:760356 version:4.93
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2019-12-30
12:34:37.611797948 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new.6675/exim.changes 2020-01-02
14:43:02.472952099 +0100
@@ -1,0 +2,6 @@
+Thu Jan 2 08:40:29 CET 2020 - wullin...@rz.uni-kiel.de
+
+spec file cleanup to make update work
+- add docdir to spec
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.144L9l/_old 2020-01-02 14:43:03.868952651 +0100
+++ /var/tmp/diff_new_pack.144L9l/_new 2020-01-02 14:43:03.876952654 +0100
@@ -300,6 +300,7 @@
make
%install
+mkdir -p "$RPM_BUILD_ROOT/%{_docdir}/%{name}"
%if 0%{?suse_version} > 1220
mkdir -p $RPM_BUILD_ROOT/%{_unitdir}
%else
@@ -474,6 +475,7 @@
/usr/lib/sendmail
%{_fillupdir}/sysconfig.exim
%dir %attr(750,mail,mail) /var/log/exim
+%dir %{_docdir}/%{name}
%files -n eximon
%defattr(-,root,root)
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2019-12-30 12:34:32
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.6675 (New)
Package is "exim"
Mon Dec 30 12:34:32 2019 rev:54 rq:759896 version:4.93
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2019-09-13
14:59:30.289280252 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.6675/exim.changes 2019-12-30
12:34:37.611797948 +0100
@@ -1,0 +2,24 @@
+Mon Dec 9 10:08:02 UTC 2019 - wullin...@rz.uni-kiel.de
+
+- update to exim 4.93
+ * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC
+ * DISABLE_TLS replaces SUPPORT_TLS
+ * Bump the version for the local_scan API.
+ * smtp transport option hosts_try_fastopen defaults to "*".
+ * DNSSec is requested (not required) for all queries. (This seemes to
+ask for trouble if your resolver is a systemd-resolved.)
+ * Generic router option retry_use_local_part defaults to "true" under
specific
+pre-conditions.
+ * Introduce a tainting mechanism for values read from untrusted sources.
+ * Use longer file names for temporary spool files (this avoids
+name conflicts with spool on a shared file system).
+ * Use dsn_from main config option (was ignored previously).
+
+---
+Mon Sep 30 15:39:54 UTC 2019 - po...@cmdline.net
+
+- update to exim 4.92.3
+ * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat,
+remote code execution seems to be possible
+
+---
Old:
exim-4.92.2.tar.bz2
exim-4.92.2.tar.bz2.asc
New:
exim-4.93.tar.bz2
exim-4.93.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.8pkH6J/_old 2019-12-30 12:34:38.279798307 +0100
+++ /var/tmp/diff_new_pack.8pkH6J/_new 2019-12-30 12:34:38.279798307 +0100
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -52,7 +52,7 @@
BuildRequires: pkgconfig(xaw7)
BuildRequires: pkgconfig(xmu)
BuildRequires: pkgconfig(xt)
-Url:http://www.exim.org/
+URL:http://www.exim.org/
Conflicts: sendmail sendmail-tls postfix
Provides: smtp_daemon
%if %{?suse_version:%suse_version}%{?!suse_version:0} > 800
@@ -72,7 +72,7 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.92.2
+Version:4.93
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
@@ -197,7 +197,7 @@
LOOKUP_PASSWD=yes
# LOOKUP_WHOSON=yes
CYRUS_SASLAUTHD_SOCKET=/var/run/sasl2/mux
- LOOKUP_LIBS=-llber
+ LOOKUP_LIBS=-llber -lnsl
%if %{with_ldap}
LDAP_LIB_TYPE=OPENLDAP2
LOOKUP_LIBS+=-lldap
@@ -224,6 +224,7 @@
AUTH_DOVECOT=yes
AUTH_TLS=yes
AUTH_LIBS=-lsasl2
+USE_OPENSSL=yes
SUPPORT_TLS=yes
TLS_LIBS=-lssl -lcrypto
INFO_DIRECTORY=%{_infodir}
@@ -273,7 +274,7 @@
HAVE_IPV6=YES
SUPPORT_SPF=yes
LOOKUP_LIBS+=-lspf2
-#EXPERIMENTAL_DMARC=yes
+#SUPPORT_DMARC=yes
#CFLAGS += -I/usr/local/include
#LDFLAGS += -lopendmarc
EXPERIMENTAL_EVENT=yes
@@ -289,7 +290,7 @@
EXPERIMENTAL_INTERNATIONAL=yes
%endif
LDFLAGS += -lidn
- CFLAGS=$RPM_OPT_FLAGS -Wall $CFLAGS_OPT_WERROR -fno-strict-aliasing
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE
+ CFLAGS=$RPM_OPT_FLAGS -std=gnu99 -Wall $CFLAGS_OPT_WERROR
-fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
-DLDAP_DEPRECATED $fPIE
EXTRALIBS=-ldl -lpam -L/usr/X11R6/%{_lib} $pie
EOF
touch Local/eximon.conf
++ exim-4.92.2.tar.bz2 -> exim-4.93.tar.bz2 ++
51972 lines of diff (skipped)
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2019-09-13 14:59:26
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.7948 (New)
Package is "exim"
Fri Sep 13 14:59:26 2019 rev:53 rq:730177 version:4.92.2
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2019-07-26
12:42:39.673848205 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.7948/exim.changes 2019-09-13
14:59:30.289280252 +0200
@@ -0,0 +1,8 @@
+---
+Sat Sep 7 18:22:08 UTC 2019 - po...@cmdline.net
+
+- update to exim 4.92.2
+ * CVE-2019-15846: fix against remote attackers executing arbitrary code as
+root via a trailing backslash
+
+---
Old:
exim-4.92.1.tar.bz2
exim-4.92.1.tar.bz2.asc
New:
exim-4.92.2.tar.bz2
exim-4.92.2.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.Qopg5T/_old 2019-09-13 14:59:31.229280292 +0200
+++ /var/tmp/diff_new_pack.Qopg5T/_new 2019-09-13 14:59:31.229280292 +0200
@@ -72,7 +72,7 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.92.1
+Version:4.92.2
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
++ exim-4.92.1.tar.bz2 -> exim-4.92.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92.1/doc/ChangeLog
new/exim-4.92.2/doc/ChangeLog
--- old/exim-4.92.1/doc/ChangeLog 2019-07-18 20:55:56.0 +0200
+++ new/exim-4.92.2/doc/ChangeLog 2019-09-02 23:57:27.0 +0200
@@ -4,6 +4,11 @@
affect Exim's operation, with an unchanged configuration file. For new
options, and new features, see the NewStuff file next to this ChangeLog.
+Exim version 4.92.2
+---
+
+HS/01 Handle trailing backslash gracefully. (CVE-2019-15846)
+
Exim version 4.92.1
---
File old/exim-4.92.1/doc/cve-2019-13917 is a regular file while file
new/exim-4.92.2/doc/cve-2019-13917 is a directory
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92.1/doc/cve-2019-15846/cve.txt
new/exim-4.92.2/doc/cve-2019-15846/cve.txt
--- old/exim-4.92.1/doc/cve-2019-15846/cve.txt 1970-01-01 01:00:00.0
+0100
+++ new/exim-4.92.2/doc/cve-2019-15846/cve.txt 2019-09-02 23:57:27.0
+0200
@@ -0,0 +1,45 @@
+CVE ID: CVE-2019-15846
+Date: 2019-09-02 (CVE assigned)
+Credits:Zerons for the initial report
+Qualys https://www.qualys.com/ for the analysis
+Version(s): all versions up to and including 4.92.1
+Issue: A local or remote attacker can execute programs with root
+privileges.
+
+Conditions to be vulnerable
+===
+
+If your Exim server accepts TLS connections, it is vulnerable. This does
+not depend on the TLS libray, so both, GnuTLS and OpenSSL are affected.
+
+Details
+===
+
+The vulnerability is exploitable by sending a SNI ending in a
+backslash-null sequence during the initial TLS handshake. The exploit
+exists as a POC. For more details see the document qualys.mbx
+
+Mitigation
+==
+
+Do not offer TLS. (This mitigation is not recommended.)
+
+Fix
+===
+
+Download and build a fixed version:
+
+Tarballs: https://ftp.exim.org/pub/exim/exim4/
+Git: https://github.com/Exim/exim.git
+ - tagexim-4.92.2
+ - branch exim-4.92.2+fixes
+
+The tagged commit is the officially released version. The +fixes branch
+isn't officially maintained, but contains the security fix *and* useful
+fixes.
+
+If you can't install the above versions, ask your package maintainer for
+a version containing the backported fix. On request and depending on our
+resources we will support you in backporting the fix. (Please note,
+the Exim project officially doesn't support versions prior the current
+stable version.)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92.1/doc/cve-2019-15846/mitre.mbx
new/exim-4.92.2/doc/cve-2019-15846/mitre.mbx
--- old/exim-4.92.1/doc/cve-2019-15846/mitre.mbx1970-01-01
01:00:00.0 +0100
+++ new/exim-4.92.2/doc/cve-2019-15846/mitre.mbx2019-09-02
23:57:27.0 +0200
@@ -0,0 +1,84 @@
+From cve-requ...@mitre.org Mon Sep 2 18:12:21 2019
+Return-Path:
+Authentication-Results: mx.net.schlittermann.de; iprev=pass
+ (smtpvbsrv1.mitre.org) smtp.remote-ip=198.49.146.234; spf=pass
+ smtp.mailfrom=mitre.org; dkim=pass header.d=mitre.org header.s=selector1
+ header.a=rsa-sha256; dmarc=pass
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2019-07-26 12:42:36
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.4126 (New)
Package is "exim"
Fri Jul 26 12:42:36 2019 rev:52 rq:718600 version:4.92.1
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2019-06-12
13:14:16.816817868 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.4126/exim.changes 2019-07-26
12:42:39.673848205 +0200
@@ -0,0 +1,8 @@
+Thu Jul 25 13:43:52 UTC 2019 - alex
+
+- update to exim 4.92.1
+ * CVE-2019-13917: Fixed an issue with ${sort} expansion which could
+ allow remote attackers to execute other programs with root privileges
+ (boo#1142207)
+
+---
Old:
exim-4.92.tar.bz2
exim-4.92.tar.bz2.asc
New:
exim-4.92.1.tar.bz2
exim-4.92.1.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.ii7R12/_old 2019-07-26 12:42:40.873847691 +0200
+++ /var/tmp/diff_new_pack.ii7R12/_new 2019-07-26 12:42:40.873847691 +0200
@@ -72,7 +72,7 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.92
+Version:4.92.1
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
++ exim-4.92.tar.bz2 -> exim-4.92.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92/doc/ChangeLog new/exim-4.92.1/doc/ChangeLog
--- old/exim-4.92/doc/ChangeLog 2019-01-30 14:59:52.0 +0100
+++ new/exim-4.92.1/doc/ChangeLog 2019-07-18 20:55:56.0 +0200
@@ -5,6 +5,12 @@
options, and new features, see the NewStuff file next to this ChangeLog.
+Exim version 4.92.1
+---
+
+JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917,
OVE-20190718-0006)
+
+
Exim version 4.92
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92/doc/cve-2019-13917
new/exim-4.92.1/doc/cve-2019-13917
--- old/exim-4.92/doc/cve-2019-139171970-01-01 01:00:00.0 +0100
+++ new/exim-4.92.1/doc/cve-2019-13917 2019-07-18 20:55:56.0 +0200
@@ -0,0 +1,46 @@
+CVE ID: CVE-2019-13917
+OVE ID: OVE-20190718-0006
+Date: 2019-07-18
+Credits:Jeremy Harris
+Version(s): 4.85 up to and including 4.92
+Issue: A local or remote attacker can execute programs with root
+privileges - if you've an unusual configuration. See below.
+
+Conditions to be vulnerable
+===
+
+If your configuration uses the ${sort } expansion for items that can be
+controlled by an attacker (e.g. $local_part, $domain). The default
+config, as shipped by the Exim developers, does not contain ${sort }.
+
+Details
+===
+
+The vulnerability is exploitable either remotely or locally and could
+be used to execute other programs with root privilege. The ${sort }
+expansion re-evaluates its items.
+
+Mitigation
+==
+
+Do not use ${sort } in your configuration.
+
+Fix
+===
+
+Download and build a fixed version:
+
+Tarballs: http://ftp.exim.org/pub/exim/exim4/
+Git: https://github.com/Exim/exim.git
+ - tagexim-4.92.1
+ - branch exim-4.92+fixes
+
+The tagged commit is the officially released version. The +fixes branch
+isn't officially maintained, but contains useful patches *and* the
+security fix.
+
+If you can't install the above versions, ask your package maintainer for
+a version containing the backported fix. On request and depending on our
+resources we will support you in backporting the fix. (Please note,
+that Exim project officially doesn't support versions prior the current
+stable version.)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92/doc/filter.txt
new/exim-4.92.1/doc/filter.txt
--- old/exim-4.92/doc/filter.txt2019-02-10 19:23:07.0 +0100
+++ new/exim-4.92.1/doc/filter.txt 2019-07-18 21:15:43.0 +0200
@@ -4,7 +4,7 @@
Copyright (c) 2014 University of Cambridge
-Revision 4.92 10 Feb 2019 PH
+Revision 4.92.1 18 Jul 2019 PH
---
@@ -77,7 +77,7 @@
This document describes the user interfaces to Exim's in-built mail filtering
facilities, and is copyright (c) University of Cambridge 2014. It corresponds
-to Exim version 4.92.
+to Exim version 4.92.1.
1.1 Introduction
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.92/doc/spec.txt new/exim-4.92.1/doc/spec.txt
--- old/exim-4.92/doc/spec.txt
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2019-06-12 13:14:15
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.4811 (New)
Package is "exim"
Wed Jun 12 13:14:15 2019 rev:51 rq:708768 version:4.92
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2019-06-06
18:18:26.188666453 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.4811/exim.changes 2019-06-12
13:14:16.816817868 +0200
@@ -0,0 +1,8 @@
+Wed Jun 5 07:14:44 CEST 2019 - wullin...@rz.uni-kiel.de
+
+- spec file cleanup
+ * fix DANE inclusion guard condition
+ * re-enable i18n and remove misleading comment
+ * EXPERIMENTAL_SPF is now SUPPORT_SPF
+ * DANE is now SUPPORT_DANE
+
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.Sqzfrd/_old 2019-06-12 13:14:17.740816899 +0200
+++ /var/tmp/diff_new_pack.Sqzfrd/_new 2019-06-12 13:14:17.744816895 +0200
@@ -25,14 +25,13 @@
%bcond_without pgsql
%bcond_without sqlite
%bcond_without ldap
-%if 0%{?suse_version} < 1199 || 0%{?centos_version} < 599 || 0%{?rhel_version}
< 599
-%bcond_withdane
-%else
+%bcond_without i18n
+
+%if 0%{?suse_version} > 1199 || 0%{?centos_version} > 599 || 0%{?rhel_version}
> 599
%bcond_without dane
+%else
+%bcond_with dane
%endif
-# disable for now,
-# since utf8_downconvert currently crashes
-%bcond_without i18n
Name: exim
BuildRequires: cyrus-sasl-devel
@@ -272,7 +271,7 @@
# SPOOL_MODE=0640
SUPPORT_MOVE_FROZEN_MESSAGES=yes
HAVE_IPV6=YES
- EXPERIMENTAL_SPF=yes
+SUPPORT_SPF=yes
LOOKUP_LIBS+=-lspf2
#EXPERIMENTAL_DMARC=yes
#CFLAGS += -I/usr/local/include
@@ -283,7 +282,7 @@
EXPERIMENTAL_DSN=yes
SYSTEM_ALIASES_FILE=/etc/aliases
%if %{with dane}
- DANE=yes
+SUPPORT_DANE=yes
%endif
EXPERIMENTAL_SOCKS=yes
%if %{with i18n}
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2019-06-06 18:18:24 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new.4811 (New) Package is "exim" Thu Jun 6 18:18:24 2019 rev:50 rq:707946 version:4.92 Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2019-03-24 15:01:55.747164469 +0100 +++ /work/SRC/openSUSE:Factory/.exim.new.4811/exim.changes 2019-06-06 18:18:26.188666453 +0200 @@ -11,0 +12 @@ + * CVE-2019-10149: Fixed a Remote Command Execution (bsc#1136587) Other differences: --
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2019-03-24 15:01:52
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new.25356 (New)
Package is "exim"
Sun Mar 24 15:01:52 2019 rev:49 rq:687929 version:4.92
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2018-05-15
10:30:59.673493531 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new.25356/exim.changes 2019-03-24
15:01:55.747164469 +0100
@@ -1,0 +2,14 @@
+Sat Mar 23 05:03:11 UTC 2019 - sean...@opensuse.org
+
+- update to exim 4.92
+ * ${l_header:} expansion
+ * ${readsocket} now supports TLS
+ * "utf8_downconvert" option (if built with SUPPORT_I18N)
+ * "pipelining" log_selector
+ * JSON variants for ${extract } expansion
+ * "noutf8" debug option
+ * TCP Fast Open support on MacOS
+- add workaround patch for compile time error on missing printf
+ format annotation (gnu_printf.patch)
+
+---
Old:
exim-4.91.tar.bz2
exim-4.91.tar.bz2.asc
New:
exim-4.92.tar.bz2
exim-4.92.tar.bz2.asc
gnu_printf.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.bkGFRw/_old 2019-03-24 15:01:56.951164315 +0100
+++ /var/tmp/diff_new_pack.bkGFRw/_new 2019-03-24 15:01:56.955164315 +0100
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -73,7 +73,7 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.91
+Version:4.92
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
@@ -102,6 +102,7 @@
Source32: eximstats.conf-2.2
Source40: exim.service
Patch0: exim-tail.patch
+Patch1: gnu_printf.patch
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -144,6 +145,7 @@
%prep
%setup -q -n exim-%{version}
%patch0
+%patch1 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
++ exim-4.91.tar.bz2 -> exim-4.92.tar.bz2 ++
36360 lines of diff (skipped)
++ exim.keyring ++
7025 lines (skipped)
between exim.keyring
and /work/SRC/openSUSE:Factory/.exim.new.25356/exim.keyring
++ gnu_printf.patch ++
diff -ru exim-4.92.orig/src/exim.c exim-4.92/src/exim.c
--- exim-4.92.orig/src/exim.c 2019-02-11 13:17:06.489418000 +0100
+++ exim-4.92/src/exim.c2019-02-11 13:34:50.663777000 +0100
@@ -683,6 +683,9 @@
/* Print error string, then die */
+#ifdef __GNUC__
+static void exim_fail(const char * fmt, ...) __attribute__((format (printf, 1,
2)));
+#endif
static void
exim_fail(const char * fmt, ...)
{
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2018-05-15 10:04:24
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Tue May 15 10:04:24 2018 rev:48 rq:603159 version:4.91
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2017-12-08
13:03:33.996296609 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2018-05-15
10:30:59.673493531 +0200
@@ -1,0 +2,149 @@
+Mon Apr 16 13:57:17 UTC 2018 - wullin...@rz.uni-kiel.de
+
+- update to 4.91
+ * DEFER rather than ERROR on redis cluster MOVED response.
+ * Catch and remove uninitialized value warning in exiqsumm
+ * Disallow '/' characters in queue names specified for the "queue=" ACL
+modifier. This matches the restriction on the commandline.
+ * Fix pgsql lookup for multiple result-tuples with a single column.
+Previously only the last row was returned.
+ * Bug 2217: Tighten up the parsing of DKIM signature headers.
+ * Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
+ * Fix issue with continued-connections when the DNS shifts unreliably.
+ * Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
+ * The "support for" informational output now, which built with Content
+ Scanning support, has a line for the malware scanner interfaces compiled
+ in. Interface can be individually included or not at build time.
+ * The "aveserver", "kavdaemon" and "mksd" interfaces are now not included
+ by the template makefile "src/EDITME". The "STREAM" support for an older
+ ClamAV interface method is removed.
+ * Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
+ rows affected is given instead).
+ * The runtime Berkeley DB library version is now additionally output by
+ "exim -d -bV". Previously only the compile-time version was shown.
+ * Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
+ SMTP connection.
+ * Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
+ routers.
+ * Bug 2174: A timeout on connect for a callout was also erroneously seen as
+ a timeout on read on a GnuTLS initiating connection, resulting in the
+ initiating connection being dropped.
+ * Relax results from ACL control request to enable cutthrough, in
+ unsupported situations, from error to silently (except under debug)
+ ignoring.
+ * Fix Buffer overflow in base64d() (CVE-2018-6789)
+ * Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
+ metadata, resulting in a crash in free().
+ * Fix broken Heimdal GSSAPI authenticator integration.
+ * Bug 2113: Fix conversation closedown with the Avast malware scanner.
+ * Bug 2239: Enforce non-usability of control=utf8_downconvert in the mail ACL.
+ * Speed up macro lookups during configuration file read, by skipping non-
+ macro text after a replacement (previously it was only once per line) and
+ by skipping builtin macros when searching for an uppercase lead character.
+ * DANE support moved from Experimental to mainline. The Makefile control
+ for the build is renamed.
+ * Fix memory leak during multi-message connections using STARTTLS.
+ * Bug 2236: When a DKIM verification result is overridden by ACL, DMARC
+ reported the original. Fix to report (as far as possible) the ACL
+ result replacing the original.
+ * Fix memory leak during multi-message connections using STARTTLS under
+ OpenSSL
+ * Bug 2242: Fix exim_dbmbuild to permit directoryless filenames.
+ * Fix utf8_downconvert propagation through a redirect router.
+ * Bug 2253: For logging delivery lines under PRDR, append the overall
+ DATA response info to the (existing) per-recipient response info for
+ the "C=" log element.
+ * Bug 2251: Fix ldap lookups that return a single attribute having zero-
+ length value.
+ * Support Avast multiline protocol, this allows passing flags to
+ newer versions of the scanner.
+ * Ensure that variables possibly set during message acceptance are marked
+dead before release of memory in the daemon loop.
+ * Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such
+ as a multi-recipient message from a mailinglist manager).
+ * The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being
+ replaced by the ${authresults } expansion.
+ * Bug 2257: Fix pipe transport to not use a socket-only syscall.
+ * Set a handler for SIGTERM and call exit(3) if running as PID 1. This
+ allows proper process termination in container environments.
+ * Bug 2258: Fix spool_wireformat in combination with LMTP transport.
+ Previously the "final dot" had a newline after it; ensure it is CR,LF.
+ * SPF: remove support for the "spf" ACL condition outcome values "err_temp"
+
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2017-12-08 13:02:42
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Fri Dec 8 13:02:42 2017 rev:47 rq:555178 version:4.88
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2017-11-28
14:04:30.132621560 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-12-08
13:03:33.996296609 +0100
@@ -1,0 +2,7 @@
+Thu Nov 30 08:32:50 UTC 2017 - wullin...@rz.uni-kiel.de
+
+- add exim-CVE-2017-16944.patch:
+ backport of commit 178ecb70987f024f0e775d87c2f8b2cf587dd542
+ fix for CVE-2017-16944 (#bsc1069859)
+
+---
New:
exim-CVE-2017-16944.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.h5xbuv/_old 2017-12-08 13:03:35.048258617 +0100
+++ /var/tmp/diff_new_pack.h5xbuv/_new 2017-12-08 13:03:35.048258617 +0100
@@ -109,7 +109,8 @@
Patch0: exim-tail.patch
Patch3: exim-CVE-2017-1000369.patch
Patch4: exim-CVE-2017-16943.patch
-Patch5: exim-4.86.2-mariadb_102_compile_fix.patch
+Patch5: exim-CVE-2017-16944.patch
+Patch6: exim-4.86.2-mariadb_102_compile_fix.patch
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -155,6 +156,7 @@
%patch3 -p 1
%patch4 -p 1
%patch5 -p 1
+%patch6 -p 1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
++ exim-CVE-2017-16944.patch ++
diff -ru a/src/receive.c b/src/receive.c
--- a/src/receive.c 2017-11-30 09:15:29.593364805 +0100
+++ b/src/receive.c 2017-11-30 09:17:32.026970431 +0100
@@ -1759,7 +1759,7 @@
prevent further reading), and break out of the loop, having freed the
empty header, and set next = NULL to indicate no data line. */
- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
+ if (ptr == 0 && ch == '.' && dot_ends)
{
ch = (receive_getc)();
if (ch == '\r')
diff -ru a/src/smtp_in.c b/src/smtp_in.c
--- a/src/smtp_in.c 2017-11-30 09:15:29.593364805 +0100
+++ b/src/smtp_in.c 2017-11-30 09:41:47.270055566 +0100
@@ -4751,11 +4751,17 @@
? CHUNKING_LAST : CHUNKING_ACTIVE;
chunking_data_left = chunking_datasize;
+ /* push the current receive_* function on the "stack", and
+ replace them by bdat_getc(), which in turn will use the lwr_receive_*
+ functions to do the dirty work. */
lwr_receive_getc = receive_getc;
lwr_receive_ungetc = receive_ungetc;
+
receive_getc = bdat_getc;
receive_ungetc = bdat_ungetc;
+ dot_ends = FALSE;
+
DEBUG(D_any)
debug_printf("chunking state %d\n", (int)chunking_state);
goto DATA_BDAT;
@@ -4763,6 +4769,7 @@
case DATA_CMD:
HAD(SCH_DATA);
+dot_ends = TRUE;
DATA_BDAT: /* Common code for DATA and BDAT */
if (!discarded && recipients_count <= 0)
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2017-11-28 14:04:27
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Tue Nov 28 14:04:27 2017 rev:46 rq:545933 version:4.88
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2017-11-25
08:43:02.597417626 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-11-28
14:04:30.132621560 +0100
@@ -1,0 +2,23 @@
+Mon Nov 27 10:36:17 UTC 2017 - dmuel...@suse.com
+
+- update to 4.88:
+ drops fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch,
+ exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch
+- remove exim4-manpages.tar.bz2: upstream does not exist anymore
+- update keyring
+
+---
+Mon Nov 27 08:52:33 UTC 2017 - kstreit...@suse.com
+
+- add exim-4.86.2-mariadb_102_compile_fix.patch to fix compilation
+ with the mariadb 10.2 (in our case the build with libmariadb
+ library from the mariadb-connector-c package)
+ * upstream commits: a12400fd4493b676e71613ab429e731f777ebd1e and
+ 31beb7972466a33a88770eacbce13490f2ddadc2
+
+---
+Mon Nov 27 06:45:14 UTC 2017 - meiss...@suse.com
+
+- exim-CVE-2017-16943.patch: fixed possible code execution (CVE-2017-16943
bsc#1069857)
+
+---
Old:
exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch
exim-4.86.2.tar.bz2
exim-4.86.2.tar.bz2.asc
exim4-manpages.tar.bz2
fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch
New:
exim-4.86.2-mariadb_102_compile_fix.patch
exim-4.88.tar.bz2
exim-4.88.tar.bz2.asc
exim-CVE-2017-16943.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.FXdMoQ/_old 2017-11-28 14:04:31.164584041 +0100
+++ /var/tmp/diff_new_pack.FXdMoQ/_new 2017-11-28 14:04:31.168583895 +0100
@@ -78,7 +78,7 @@
%endif
Requires(pre): fileutils textutils
%endif
-Version:4.86.2
+Version:4.88
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
@@ -102,15 +102,14 @@
Source11: exim.rc
Source12: permissions.exim
Source13: apparmor.usr.sbin.exim
-Source20:
http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/exim4-manpages.tar.bz2
Source30: eximstats-html-update.py
Source31: eximstats.conf
Source32: eximstats.conf-2.2
Source40: exim.service
Patch0: exim-tail.patch
-Patch1:
exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch
-Patch2:
fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch
Patch3: exim-CVE-2017-1000369.patch
+Patch4: exim-CVE-2017-16943.patch
+Patch5: exim-4.86.2-mariadb_102_compile_fix.patch
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -153,9 +152,9 @@
%prep
%setup -q -n exim-%{version}
%patch0
-%patch1 -p 1
-%patch2 -p 1
%patch3 -p 1
+%patch4 -p 1
+%patch5 -p 1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
@@ -291,6 +290,7 @@
EXPERIMENTAL_PROXY=yes
EXPERIMENTAL_CERTNAMES=yes
EXPERIMENTAL_DSN=yes
+ SYSTEM_ALIASES_FILE=/etc/aliases
%if %{with dane}
EXPERIMENTAL_DANE=yes
%endif
@@ -326,7 +326,7 @@
inst_info=$RPM_BUILD_ROOT/%{_infodir} \
INSTALL_ARG=-no_chown install
#mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
-mv $RPM_BUILD_ROOT/usr/sbin/exim-4.86* $RPM_BUILD_ROOT/usr/sbin/exim
+mv $RPM_BUILD_ROOT/usr/sbin/exim-4.8* $RPM_BUILD_ROOT/usr/sbin/exim
mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all
substitutions done
%if 0%{?suse_version} > 1220
install -m 0644 %{S:40} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
@@ -355,8 +355,6 @@
# man pages
mv doc/exim.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
pod2man --center=EXIM --section=8 $RPM_BUILD_ROOT/usr/sbin/eximstats >
$RPM_BUILD_ROOT/%{_mandir}/man8/eximstats.8
-tar xvjf %{S:20}
-cp -p exim4-manpages/* $RPM_BUILD_ROOT/%{_mandir}/man8/
for i in \
sendmail \
runq \
++ exim-4.86.2-mariadb_102_compile_fix.patch ++
Index: exim-4.86.2/src/lookups/mysql.c
===
--- exim-4.86.2.orig/src/lookups/mysql.c
+++ exim-4.86.2/src/lookups/mysql.c
@@ -14,6 +14,53 @@ functions. */
#include/* The system header */
+/* We define symbols for *_VERSION_ID (numeric),
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2017-11-25 08:43:01
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Sat Nov 25 08:43:01 2017 rev:45 rq:545097 version:4.86.2
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2017-10-17
01:53:07.432731800 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-11-25
08:43:02.597417626 +0100
@@ -1,0 +2,6 @@
+Thu Nov 23 13:43:04 UTC 2017 - rbr...@suse.com
+
+- Replace references to /var/adm/fillup-templates with new
+ %_fillupdir macro (boo#1069468)
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.Jasale/_old 2017-11-25 08:43:03.685377988 +0100
+++ /var/tmp/diff_new_pack.Jasale/_new 2017-11-25 08:43:03.689377842 +0100
@@ -16,6 +16,11 @@
#
+#Compat macro for new _fillupdir macro introduced in Nov 2017
+%if ! %{defined _fillupdir}
+ %define _fillupdir /var/adm/fillup-templates
+%endif
+
%bcond_without mysql
%bcond_without pgsql
%bcond_without sqlite
@@ -313,7 +318,7 @@
mkdir -p $RPM_BUILD_ROOT/usr/{bin,sbin,lib}
mkdir -p $RPM_BUILD_ROOT/var/log/exim
mkdir -p $RPM_BUILD_ROOT/var/spool/mail/
-mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates
+mkdir -p $RPM_BUILD_ROOT%{_fillupdir}
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
mkdir -p $RPM_BUILD_ROOT/usr/bin
make inst_dest=$RPM_BUILD_ROOT/usr/sbin \
@@ -345,7 +350,7 @@
ln -sv ../../etc/init.d/exim $RPM_BUILD_ROOT/usr/sbin/rcexim
%endif
mv $RPM_BUILD_ROOT/usr/sbin/eximon* $RPM_BUILD_ROOT/usr/bin/
-cp -p %{S:1} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.exim
+cp -p %{S:1} $RPM_BUILD_ROOT%{_fillupdir}/sysconfig.exim
install -m 0644 %{S:2} $RPM_BUILD_ROOT/etc/logrotate.d/exim
# man pages
mv doc/exim.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
@@ -478,7 +483,7 @@
/usr/bin/newaliases
/usr/sbin/sendmail
/usr/lib/sendmail
-/var/adm/fillup-templates/sysconfig.exim
+%{_fillupdir}/sysconfig.exim
%dir %attr(750,mail,mail) /var/log/exim
%files -n eximon
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2017-10-17 01:53:02
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Tue Oct 17 01:53:02 2017 rev:44 rq:534147 version:4.86.2
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2017-07-07
10:16:56.858746658 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-10-17
01:53:07.432731800 +0200
@@ -1,0 +2,8 @@
+Mon Oct 9 11:36:38 UTC 2017 - dims...@opensuse.org
+
+- Explicitly buildrequire libnsl-devel on suse_version >= 1330:
+ libnsl used to be an integrated part of glibc. Since the build
+ system / makefiles explicitly reference libnsl, it is our own
+ duty to ensure we have our deps in place.
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.dn6WV4/_old 2017-10-17 01:53:08.644675033 +0200
+++ /var/tmp/diff_new_pack.dn6WV4/_new 2017-10-17 01:53:08.648674846 +0200
@@ -33,6 +33,9 @@
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
BuildRequires: libidn-devel
+%if 0%{?suse_version} >= 1330
+BuildRequires: libnsl-devel
+%endif
BuildRequires: libspf2-devel
BuildRequires: pam-devel
%if %{with_ldap}
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2017-07-07 10:16:56 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new (New) Package is "exim" Fri Jul 7 10:16:56 2017 rev:43 rq:508334 version:4.86.2 Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2017-07-01 14:06:34.195441613 +0200 +++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-07-07 10:16:56.858746658 +0200 @@ -1,0 +2,5 @@ +Tue Jul 4 11:15:20 UTC 2017 - meiss...@suse.com + +- specify users with ref:mail, to make them dynamic. bsc#1046971 + +--- Other differences: -- ++ exim.spec ++ --- /var/tmp/diff_new_pack.fU9Dxs/_old 2017-07-07 10:16:58.138565570 +0200 +++ /var/tmp/diff_new_pack.fU9Dxs/_new 2017-07-07 10:16:58.142565004 +0200 @@ -160,8 +160,8 @@ # see src/EDITME for comments. BIN_DIRECTORY=/usr/sbin CONFIGURE_FILE=/etc/exim/exim.conf - EXIM_USER=mail - EXIM_GROUP=mail + EXIM_USER=ref:mail + EXIM_GROUP=ref:mail SPOOL_DIRECTORY=/var/spool/exim ROUTER_ACCEPT=yes ROUTER_DNSLOOKUP=yes
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2017-07-01 14:06:08
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Sat Jul 1 14:06:08 2017 rev:42 rq:507377 version:4.86.2
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2016-10-04
16:00:03.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2017-07-01
14:06:34.195441613 +0200
@@ -1,0 +2,28 @@
+Mon Jun 19 16:27:45 UTC 2017 - meiss...@suse.com
+
+- exim-CVE-2017-1000369.patch: Fixed memory leaks that could be
+ exploited to "stack crash" local privilege escalation (bsc#1044692)
+
+- Require user(mail) group(mail) to meet new users handling in TW.
+
+- Prerequire permissions (fixes rpmlint).
+
+---
+Mon Apr 24 07:45:00 UTC 2017 - wullin...@rz.uni-kiel.de
+
+- conditionally disable DANE on SuSE versions with OpenSSL < 1.0
+
+- exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch:
+ import exim-4_86_2+fixes branch
++ fix CVE-2016-1531
+ when installed setuid root, allows local users to gain privileges via
the perl_startup
+ argument.
++ fix Bug 1805: store the initial working directory, expand $initial_cwd
++ fix Bug 1671: segfault after delivery
(https://bugs.exim.org/show_bug.cgi?id=1671)
++ Don't issue env warning if env is empty
+
+- fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch:
+ DKIM information leakage
+
+
+---
New:
exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch
exim-CVE-2017-1000369.patch
fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.VVFUrR/_old 2017-07-01 14:06:34.815354379 +0200
+++ /var/tmp/diff_new_pack.VVFUrR/_new 2017-07-01 14:06:34.815354379 +0200
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,6 +20,14 @@
%bcond_without pgsql
%bcond_without sqlite
%bcond_without ldap
+%if 0%{?suse_version} < 1199 || 0%{?centos_version} < 599 || 0%{?rhel_version}
< 599
+%bcond_withdane
+%else
+%bcond_without dane
+%endif
+# disable for now,
+# since utf8_downconvert currently crashes
+%bcond_without i18n
Name: exim
BuildRequires: cyrus-sasl-devel
@@ -53,8 +61,13 @@
%else
Requires(pre): %insserv_prereq
%endif
-Requires(pre): %fillup_prereq
-Requires(pre): /usr/sbin/useradd
+Requires(pre): %fillup_prereq permissions
+%if 0%{?suse_version} >= 1330
+BuildRequires: group(mail)
+BuildRequires: user(mail)
+Requires(pre): user(mail)
+Requires(pre): group(mail)
+%endif
Requires(pre): fileutils textutils
%endif
Version:4.86.2
@@ -72,8 +85,8 @@
License:GPL-2.0+
Group: Productivity/Networking/Email/Servers
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source: http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2
-Source3:http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2.asc
+Source: http://ftp.exim.org/pub/exim/exim4/old/exim-%{version}.tar.bz2
+Source3:
http://ftp.exim.org/pub/exim/exim4/old/exim-%{version}.tar.bz2.asc
# http://ftp.exim.org/pub/exim/Exim-Maintainers-Keyring.asc
Source4:exim.keyring
Source1:sysconfig.exim
@@ -86,7 +99,10 @@
Source31: eximstats.conf
Source32: eximstats.conf-2.2
Source40: exim.service
-Patch: exim-tail.patch
+Patch0: exim-tail.patch
+Patch1:
exim-4.86.2+fixes-867e8fe25dbfb1e31493488ad695bde55b890397.patch
+Patch2:
fix-CVE-2016-9963-31c02defdc5118834e801d4fe8f11c1d9b5ebadf.patch
+Patch3: exim-CVE-2017-1000369.patch
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -128,7 +144,10 @@
%prep
%setup -q -n exim-%{version}
-%patch
+%patch0
+%patch1 -p 1
+%patch2 -p 1
+%patch3 -p 1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
@@ -264,9 +283,13 @@
EXPERIMENTAL_PROXY=yes
EXPERIMENTAL_CERTNAMES=yes
EXPERIMENTAL_DSN=yes
+%if %{with dane}
EXPERIMENTAL_DANE=yes
+%endif
EXPERIMENTAL_SOCKS=yes
+%if %{with i18n}
EXPERIMENTAL_INTERNATIONAL=yes
+%endif
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2016-10-04 16:00:25
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2016-03-07
13:27:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2016-10-04
16:00:03.0 +0200
@@ -1,0 +2,20 @@
+Mon Apr 4 15:55:31 UTC 2016 - e.isto...@edss.ee
+
+- Makefile tuning:
+ + add sqlite support
++ disable WITH_OLD_DEMIME
++ enable AUTH_CYRUS_SASL
++ enable AUTH_TLS
++ enable SYSLOG_LONG_LINES
++ enable SUPPORT_PAM
++ MAX_NAMED_LIST=64
++ enable EXPERIMENTAL_DMARC
++ enable EXPERIMENTAL_EVENT
++ enable EXPERIMENTAL_PROXY
++ enable EXPERIMENTAL_CERTNAMES
++ enable EXPERIMENTAL_DSN
++ enable EXPERIMENTAL_DANE
++ enable EXPERIMENTAL_SOCKS
++ enable EXPERIMENTAL_INTERNATIONAL
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.jp6VgL/_old 2016-10-04 16:00:05.0 +0200
+++ /var/tmp/diff_new_pack.jp6VgL/_new 2016-10-04 16:00:05.0 +0200
@@ -18,12 +18,15 @@
%bcond_without mysql
%bcond_without pgsql
+%bcond_without sqlite
%bcond_without ldap
Name: exim
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
+BuildRequires: libidn-devel
BuildRequires: libspf2-devel
+BuildRequires: pam-devel
%if %{with_ldap}
BuildRequires: openldap2-devel
%endif
@@ -62,6 +65,9 @@
%if %{with_pgsql}
BuildRequires: postgresql-devel
%endif
+%if %{with_sqlite}
+BuildRequires: sqlite3-devel
+%endif
Summary:The Exim Mail Transfer Agent, a Replacement for sendmail
License:GPL-2.0+
Group: Productivity/Networking/Email/Servers
@@ -167,15 +173,14 @@
%if %{with_pgsql}
LOOKUP_PGSQL=yes
%endif
+%if %{with_sqlite}
+ LOOKUP_SQLITE=yes
+%endif
LOOKUP_NIS=yes
# LOOKUP_NISPLUS=yes
- # LOOKUP_ORACLE=yes
LOOKUP_PASSWD=yes
- # LOOKUP_PGSQL=yes
# LOOKUP_WHOSON=yes
CYRUS_SASLAUTHD_SOCKET=/var/run/sasl2/mux
- # LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include
-I /usr/local/pgsql/include
- # LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq
LOOKUP_LIBS=-llber
%if %{with_ldap}
LDAP_LIB_TYPE=OPENLDAP2
@@ -189,23 +194,31 @@
LOOKUP_INCLUDE+=-I /usr/include/pgsql
LOOKUP_LIBS+=-lpq
%endif
+%if %{with_sqlite}
+ LOOKUP_INCLUDE+=-I /usr/include/sqlite3
+ LOOKUP_LIBS+=-lsqlite3
+%endif
EXIM_MONITOR=eximon.bin
WITH_CONTENT_SCAN=yes
- WITH_OLD_DEMIME=yes
+ #WITH_OLD_DEMIME=yes
AUTH_CRAM_MD5=yes
+AUTH_CYRUS_SASL=yes
AUTH_PLAINTEXT=yes
AUTH_SPA=yes
AUTH_DOVECOT=yes
+AUTH_TLS=yes
+ AUTH_LIBS=-lsasl2
SUPPORT_TLS=yes
TLS_LIBS=-lssl -lcrypto
INFO_DIRECTORY=%{_infodir}
LOG_FILE_PATH=/var/log/exim/%%s.log
EXICYCLOG_MAX=10
SYSLOG_LOG_PID=yes
+SYSLOG_LONG_LINES=yes
COMPRESS_COMMAND=/bin/gzip
COMPRESS_SUFFIX=gz
ZCAT_COMMAND=/usr/bin/zcat
- # SUPPORT_PAM=yes
+ SUPPORT_PAM=yes
# You probably need to add -lpam to EXTRALIBS
# RADIUS_CONFIG_FILE=/etc/radiusclient/radiusclient.conf
# CYRUS_PWCHECK_SOCKET=/var/pwcheck/pwcheck
@@ -231,7 +244,7 @@
# LOG_MODE=0640
# LOOKUP_TESTDB=yes
MAKE_SHELL=/bin/bash
- # MAX_NAMED_LIST=16
+ MAX_NAMED_LIST=64
# MAXINTERFACES=250
# MSGLOG_DIRECTORY_MODE=0750
# PERL_CC=
@@ -244,8 +257,19 @@
HAVE_IPV6=YES
EXPERIMENTAL_SPF=yes
LOOKUP_LIBS+=-lspf2
+#EXPERIMENTAL_DMARC=yes
+ #CFLAGS += -I/usr/local/include
+ #LDFLAGS += -lopendmarc
+ EXPERIMENTAL_EVENT=yes
+ EXPERIMENTAL_PROXY=yes
+ EXPERIMENTAL_CERTNAMES=yes
+ EXPERIMENTAL_DSN=yes
+ EXPERIMENTAL_DANE=yes
+ EXPERIMENTAL_SOCKS=yes
+ EXPERIMENTAL_INTERNATIONAL=yes
+ LDFLAGS += -lidn
CFLAGS=$RPM_OPT_FLAGS -Wall $CFLAGS_OPT_WERROR -fno-strict-aliasing
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE
- EXTRALIBS=-ldl -L/usr/X11R6/%{_lib} $pie
+ EXTRALIBS=-ldl -lpam -L/usr/X11R6/%{_lib} $pie
EOF
touch Local/eximon.conf
rm -f doc/*.{orig,txt~}
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2016-03-07 13:26:55
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2016-02-08
09:47:36.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2016-03-07
13:27:42.0 +0100
@@ -1,0 +2,13 @@
+Wed Mar 2 21:05:04 UTC 2016 - lmue...@suse.com
+
+- Update to 4.86.2
+ + Fix minor portability issues for *BSD and OS/X.
+
+---
+Mon Feb 29 17:26:20 UTC 2016 - lmue...@suse.com
+
+- Update to 4.86.1
+ + Add support for keep_environment and add_environment options;
+CVE-2016-1531; (boo#968844).
+
+---
Old:
exim-4.86.tar.bz2
exim-4.86.tar.bz2.asc
New:
exim-4.86.2.tar.bz2
exim-4.86.2.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.s4fjPm/_old 2016-03-07 13:27:43.0 +0100
+++ /var/tmp/diff_new_pack.s4fjPm/_new 2016-03-07 13:27:43.0 +0100
@@ -54,7 +54,7 @@
Requires(pre): /usr/sbin/useradd
Requires(pre): fileutils textutils
%endif
-Version:4.86
+Version:4.86.2
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
@@ -270,7 +270,8 @@
inst_conf=$RPM_BUILD_ROOT/etc/exim/exim.conf \
inst_info=$RPM_BUILD_ROOT/%{_infodir} \
INSTALL_ARG=-no_chown install
-mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
+#mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
+mv $RPM_BUILD_ROOT/usr/sbin/exim-4.86* $RPM_BUILD_ROOT/usr/sbin/exim
mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all
substitutions done
%if 0%{?suse_version} > 1220
install -m 0644 %{S:40} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
++ exim-4.86.tar.bz2 -> exim-4.86.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.86/OS/Makefile-Base
new/exim-4.86.2/OS/Makefile-Base
--- old/exim-4.86/OS/Makefile-Base 2015-07-23 23:20:37.0 +0200
+++ new/exim-4.86.2/OS/Makefile-Base2016-03-02 18:27:51.0 +0100
@@ -317,6 +317,7 @@
rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \
route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \
std-crypto.o store.o string.o tls.o tod.o transport.o tree.o verify.o \
+environment.o \
$(OBJ_LOOKUPS) \
local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \
$(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL)
@@ -573,6 +574,7 @@
enq.o: $(HDRS) enq.c
exim.o: $(HDRS) exim.c
expand.o:$(HDRS) expand.c
+environment.o: $(HDRS) environment.c
filter.o:$(HDRS) filter.c
filtertest.o:$(HDRS) filtertest.c
globals.o: $(HDRS) globals.c
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.86/doc/ChangeLog new/exim-4.86.2/doc/ChangeLog
--- old/exim-4.86/doc/ChangeLog 2015-07-23 23:20:37.0 +0200
+++ new/exim-4.86.2/doc/ChangeLog 2016-03-02 18:27:51.0 +0100
@@ -1,6 +1,14 @@
Change log file for Exim from version 4.21
---
+Exim version 4.86.2
+---
+Portability relase of 4.86.1
+
+Exim version 4.86.1
+---
+HS/04 Add support for keep_environment and add_environment options.
+ This fixes CVE-2016-1531.
Exim version 4.86
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.86/doc/exim.8 new/exim-4.86.2/doc/exim.8
--- old/exim-4.86/doc/exim.82015-07-26 14:42:05.0 +0200
+++ new/exim-4.86.2/doc/exim.8 2016-03-02 18:42:38.0 +0100
@@ -453,6 +453,10 @@
settings can be obtained by using \fBrouters\fP, \fBtransports\fP, or
\fBauthenticators\fP.
.sp
+If \fBenvironment\fP is given as an argument, the set of environment
+variables is output, line by line. Using the \fB\-n\fP flag supresses the
value of the
+variables.
+.sp
If invoked by an admin user, then \fBmacro\fP, \fBmacro_list\fP and
\fBmacros\fP
are available, similarly to the drivers. Because macros are sometimes used
for storing passwords, this option is restricted.
@@ -724,6 +728,8 @@
file that exists is used. Failure to open an existing file stops Exim from
proceeding any further along the list, and an error is generated.
.sp
+The file names need to be absolute names.
+.sp
When this option is used by a caller other than root, and
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2016-02-08 09:47:35
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2015-12-16
17:42:35.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2016-02-08
09:47:36.0 +0100
@@ -1,0 +2,6 @@
+Wed Feb 3 19:07:16 UTC 2016 - opens...@cboltz.de
+
+- Move AppArmor profile to /usr/share/apparmor/extra-profiles/, which is
+ the directory for inactive profiles since AppArmor 2.9
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.kC7FZV/_old 2016-02-08 09:47:37.0 +0100
+++ /var/tmp/diff_new_pack.kC7FZV/_new 2016-02-08 09:47:37.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -333,7 +333,7 @@
%endif
install -m 0755 $RPM_SOURCE_DIR/eximstats-html-update.py
$RPM_BUILD_ROOT/%{_sbindir}
# apparmor profile
-install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/etc/apparmor/profiles/extras/usr.sbin.exim
+install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/usr/share/apparmor/extra-profiles/usr.sbin.exim
%pre
%if 0%{?suse_version} > 1220
@@ -417,10 +417,9 @@
%if %{?suse_version:%suse_version}%{?!suse_version:9} < 1000
%config(noreplace) /etc/permissions.d/exim
%endif
-%dir /etc/apparmor
-%dir /etc/apparmor/profiles
-%dir /etc/apparmor/profiles/extras
-%config(noreplace) /etc/apparmor/profiles/extras/usr.sbin.exim
+%dir /usr/share/apparmor
+%dir /usr/share/apparmor/extra-profiles
+%config(noreplace) /usr/share/apparmor/extra-profiles/usr.sbin.exim
/usr/sbin/rcexim
/usr/bin/mailq
/usr/bin/runq
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2015-12-16 17:42:34
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is "exim"
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2015-07-03
00:03:46.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-12-16
17:42:35.0 +0100
@@ -1,0 +2,32 @@
+Fri Dec 11 10:44:26 UTC 2015 - lmue...@suse.com
+
+- Update the Exim Maintainers Keyring file 'exim.keyring'.
+- Use URL for the source line of the main tar ball.
+
+---
+Fri Oct 2 21:56:18 UTC 2015 - michal.hruse...@opensuse.org
+
+- Update to 4.86
+ * Support for using the system standard CA bundle.
+ * New expansion items $config_file, $config_dir, containing the file
+and directory name of the main configuration file. Also $exim_version.
+ * New "malware=" support for Avast.
+ * New "spam=" variant option for Rspamd.
+ * Assorted options on malware= and spam= scanners.
+ * A commandline option to write a comment into the logfile.
+ * If built with EXPERIMENTAL_SOCKS feature enabled, the smtp transport can
+be configured to make connections via socks5 proxies.
+ * If built with EXPERIMENTAL_INTERNATIONAL, support is included for
+the transmission of UTF-8 envelope addresses.
+ * If built with EXPERIMENTAL_INTERNATIONAL, an expansion item for a commonly
+used encoding of Maildir folder names.
+ * A logging option for slow DNS lookups.
+ * New ${env {}} expansion.
+ * A non-SMTP authenticator using information from TLS client certificates.
+ * Main option "tls_eccurve" for selecting an Elliptic Curve for TLS.
+Patch originally by Wolfgang Breyha.
+ * Main option "dns_trust_aa" for trusting your local nameserver at the
+same level as DNSSEC.
+- Dropped exim-enable_ecdh_openssl.patch as included in upstream
+
+---
Old:
exim-4.85.tar.bz2
exim-4.85.tar.bz2.asc
exim-enable_ecdh_openssl.patch
New:
exim-4.86.tar.bz2
exim-4.86.tar.bz2.asc
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.m13To2/_old 2015-12-16 17:42:36.0 +0100
+++ /var/tmp/diff_new_pack.m13To2/_new 2015-12-16 17:42:36.0 +0100
@@ -54,7 +54,7 @@
Requires(pre): /usr/sbin/useradd
Requires(pre): fileutils textutils
%endif
-Version:4.85
+Version:4.86
Release:0
%if %{with_mysql}
BuildRequires: mysql-devel
@@ -66,8 +66,9 @@
License:GPL-2.0+
Group: Productivity/Networking/Email/Servers
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source: exim-%{version}.tar.bz2
-Source3:exim-%{version}.tar.bz2.asc
+Source: http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2
+Source3:http://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2.asc
+# http://ftp.exim.org/pub/exim/Exim-Maintainers-Keyring.asc
Source4:exim.keyring
Source1:sysconfig.exim
Source2:exim.logrotate
@@ -80,7 +81,6 @@
Source32: eximstats.conf-2.2
Source40: exim.service
Patch: exim-tail.patch
-Patch1: exim-enable_ecdh_openssl.patch
%package -n eximon
Summary:Eximon, an graphical frontend to administer Exim's mail queue
@@ -123,7 +123,6 @@
%prep
%setup -q -n exim-%{version}
%patch
-%patch1 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} > 930
fPIE="-fPIE"
++ exim-4.85.tar.bz2 -> exim-4.86.tar.bz2 ++
38777 lines of diff (skipped)
++ exim.keyring ++
5457 lines (skipped)
between exim.keyring
and /work/SRC/openSUSE:Factory/.exim.new/exim.keyring
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2015-07-02 22:49:42 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new (New) Package is exim Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2015-05-07 09:22:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-07-03 00:03:46.0 +0200 @@ -111 +111 @@ -- Fix service file +- Fix service file; (boo#935601) @@ -118 +118 @@ -- Removed executable permission bits from exim.service file. +- Removed executable permission bits from exim.service file; (boo#935601). Other differences: --
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2015-05-07 09:22:14
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2015-04-23
08:04:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-05-07
09:22:15.0 +0200
@@ -1,0 +2,6 @@
+Wed May 6 21:25:49 UTC 2015 - lmue...@suse.com
+
+- Fix the systemd service file by not passing EXIM_ARGS as one single
+ argument by removing the curly brackets (shell syntax).
+
+---
Other differences:
--
++ exim.service ++
--- /var/tmp/diff_new_pack.HueWwI/_old 2015-05-07 09:22:16.0 +0200
+++ /var/tmp/diff_new_pack.HueWwI/_new 2015-05-07 09:22:16.0 +0200
@@ -7,7 +7,7 @@
PrivateTmp=true
Environment=QUEUE=1h
EnvironmentFile=-/etc/sysconfig/exim
-ExecStart=/usr/sbin/exim ${EXIM_ARGS}
+ExecStart=/usr/sbin/exim $EXIM_ARGS
[Install]
WantedBy=multi-user.target
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2015-04-23 08:04:30
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2015-03-23
12:17:45.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-04-23
08:04:31.0 +0200
@@ -1,0 +2,6 @@
+Fri Apr 17 15:53:24 UTC 2015 - lmue...@suse.com
+
+- Install fitting eximstats.conf depending on SUSE version; (bsc#926861).
+- Add attribute dir to /etc/apache2 and /etc/apache2/conf.d in the file list.
+
+---
New:
eximstats.conf-2.2
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.IJlR2q/_old 2015-04-23 08:04:32.0 +0200
+++ /var/tmp/diff_new_pack.IJlR2q/_new 2015-04-23 08:04:32.0 +0200
@@ -77,7 +77,8 @@
Source20:
http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/exim4-manpages.tar.bz2
Source30: eximstats-html-update.py
Source31: eximstats.conf
-Source32: exim.service
+Source32: eximstats.conf-2.2
+Source40: exim.service
Patch: exim-tail.patch
Patch1: exim-enable_ecdh_openssl.patch
@@ -273,7 +274,7 @@
mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all
substitutions done
%if 0%{?suse_version} 1220
-install -m 0644 %{S:32} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
+install -m 0644 %{S:40} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
%else
install -m 0755 %{S:11} $RPM_BUILD_ROOT/etc/init.d/exim
%endif
@@ -326,7 +327,11 @@
# eximstats-html files
mkdir -p $RPM_BUILD_ROOT/srv/www/eximstats
mkdir -p $RPM_BUILD_ROOT/etc/apache2/conf.d/
-cp -p $RPM_SOURCE_DIR/eximstats.conf $RPM_BUILD_ROOT/etc/apache2/conf.d/
+%if 0%{?suse_version} == 0 || 0%{?suse_version} 1310
+ cp -p %{S:31} $RPM_BUILD_ROOT/etc/apache2/conf.d/
+%else
+ cp -p %{S:32} $RPM_BUILD_ROOT/etc/apache2/conf.d/eximstats.conf
+%endif
install -m 0755 $RPM_SOURCE_DIR/eximstats-html-update.py
$RPM_BUILD_ROOT/%{_sbindir}
# apparmor profile
install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/etc/apparmor/profiles/extras/usr.sbin.exim
@@ -435,8 +440,8 @@
%files -n eximstats-html
%defattr(-,root,root)
%attr(0750,root,www) /srv/www/eximstats
-/etc/apache2
-/etc/apache2/conf.d
+%dir /etc/apache2
+%dir /etc/apache2/conf.d
/etc/apache2/conf.d/eximstats.conf
%{_sbindir}/eximstats-html-update.py
++ eximstats.conf ++
--- /var/tmp/diff_new_pack.IJlR2q/_old 2015-04-23 08:04:32.0 +0200
+++ /var/tmp/diff_new_pack.IJlR2q/_new 2015-04-23 08:04:32.0 +0200
@@ -1,6 +1,6 @@
Alias /eximstats /srv/www/eximstats
Directory /srv/www/eximstats
-Order allow,deny
-Allow from all
+Require all granted
Options +Indexes
+AllowOverride None
/Directory
++ eximstats.conf-2.2 ++
Alias /eximstats /srv/www/eximstats
Directory /srv/www/eximstats
Order allow,deny
Allow from all
Options +Indexes
/Directory
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2015-03-23 12:17:44
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2015-01-30
17:43:55.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-03-23
12:17:45.0 +0100
@@ -1,0 +2,6 @@
+Fri Mar 13 12:26:23 UTC 2015 - lmue...@suse.com
+
+- Replace the fixed ExecStart arguments by ${EXIM_ARGS} as defined in
+ /etc/sysconfig/exim; (bsc#922145).
+
+---
Other differences:
--
++ exim.service ++
--- /var/tmp/diff_new_pack.rNCcGf/_old 2015-03-23 12:17:46.0 +0100
+++ /var/tmp/diff_new_pack.rNCcGf/_new 2015-03-23 12:17:46.0 +0100
@@ -7,7 +7,7 @@
PrivateTmp=true
Environment=QUEUE=1h
EnvironmentFile=-/etc/sysconfig/exim
-ExecStart=/usr/sbin/exim -bd -q${QUEUE}
+ExecStart=/usr/sbin/exim ${EXIM_ARGS}
[Install]
WantedBy=multi-user.target
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2015-01-30 17:43:44
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2014-12-06
13:45:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2015-01-30
17:43:55.0 +0100
@@ -1,0 +2,96 @@
+Sat Jan 24 23:04:19 UTC 2015 - lmue...@suse.com
+
+- Set CFLAGS_OPT_WERROR only on post-5 CentOS and RHEL systems.
+
+---
+Sat Jan 24 22:33:59 UTC 2015 - lmue...@suse.com
+
+- Drop BuildRequires xorg-x11-server-sdk for non SUSE systems in particular to
+ build on RHEL 6 again.
+
+---
+Sat Jan 24 22:16:09 UTC 2015 - lmue...@suse.com
+
+- Let ld know the path to mysqlclient.
+
+---
+Sat Jan 24 19:33:39 UTC 2015 - lmue...@suse.com
+
+- update to 4.85
+ + When running the test suite, the README says that variables such as
+no_msglog_check are global and can be placed anywhere in a specific
+test's script, however it was observed that placement needed to be near
+the beginning for it to behave that way. Changed the runtest perl
+script to read through the entire script once to detect and set these
+variables, reset to the beginning of the script, and then run through
+the script parsing/test process like normal.
+ + Expand the EXPERIMENTAL_TPDA feature. Several different events now
+cause callback expansion.
+ + Bugzilla 1518: Clarify condition processing in routers; that
+syntax errors in an expansion can be treated as a string instead of
+logging or causing an error, due to the internal use of bool_lax
+instead of bool when processing it.
+ + Add EXPERIMENTAL_DANE, allowing for using the DNS as trust-anchor for
+server certificates when making smtp deliveries.
+ + Support secondary-separator specifier for MX, SRV, TLSA lookups.
+ + Add ${sort {list}{condition}{extractor}} expansion item.
+ + Bugzilla 1216: Add -M (related messages) option to exigrep.
+ + GitHub Issue 18: Adjust logic testing for true/false in redis lookups.
+Merged patch from Sebastian Wiedenroth.
+ + Fix results-pipe from transport process. Several recipients, combined
+with certificate use, exposed issues where response data items split
+over buffer boundaries were not parsed properly. This eventually
+resulted in duplicates being sent. This issue only became common enough
+to notice due to the introduction of conection certificate information,
+the item size being so much larger. Found and fixed by Wolfgang Breyha.
+ + Bug 1533: Fix truncation of items in headers_remove lists. A fixed
+size buffer was used, resulting in syntax errors when an expansion
+exceeded it.
+ + Add support for directories of certificates when compiled with a GnuTLS
+version 3.3.6 or later.
+ + Rename the TPDA expermimental facility to Event Actions. The #ifdef
+is EXPERIMENTAL_EVENT, the main-configuration and transport options
+both become event_action, the variables become $event_name, $event_data
+and $event_defer_errno. There is a new variable $verify_mode, usable in
+routers, transports and related events. The tls:cert event is now also
+raised for inbound connections, if the main configuration event_action
+option is defined.
+ + In test suite, disable OCSP for old versions of openssl which contained
+early OCSP support, but no stapling (appears to be less than 1.0.0).
+ + When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on
+server certificate names available under the smtp transport option
+tls_verify_cert_hostname now do not permit multi-component wildcard
+matches.
+ + Time-related extraction expansions from certificates now use the main
+option timezone setting for output formatting, and are consistent
+between OpenSSL and GnuTLS compilations. Bug 1541.
+ + Fix a crash in mime ACL when meeting a zero-length, quoted or RFC2047-
+encoded parameter in the incoming message. Bug 1558.
+ + Bug 1527: Autogrow buffer used in reading spool files. Since they now
+include certificate info, eximon was claiming there were spoolfile
+syntax errors.
+ + Bug 1521: Fix ldap lookup for single-attr request, multiple-attr return.
+ + Log delivery-related information more consistently, using the sequence
+H=name [ip] wherever possible.
+ + Bug 1547: Omit RFCs from release. Draft and RFCs have licenses which
+are problematic for Debian distribution, omit them from the release
+tarball.
+ +
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2014-12-06 13:45:52
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2014-11-26
22:55:29.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2014-12-06
13:45:42.0 +0100
@@ -1,0 +2,5 @@
+Fri Dec 5 12:47:28 UTC 2014 - lmue...@suse.com
+
+- Removed executable permission bits from exim.service file.
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.ApYeIo/_old 2014-12-06 13:45:43.0 +0100
+++ /var/tmp/diff_new_pack.ApYeIo/_new 2014-12-06 13:45:43.0 +0100
@@ -271,9 +271,9 @@
mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all
substitutions done
%if 0%{?suse_version} 1220
-install -m 755 %{S:32} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
+install -m 0644 %{S:32} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
%else
-install -m 755 %{S:11} $RPM_BUILD_ROOT/etc/init.d/exim
+install -m 0755 %{S:11} $RPM_BUILD_ROOT/etc/init.d/exim
%endif
# aka...
for i in \
@@ -297,7 +297,7 @@
rm $RPM_BUILD_ROOT/usr/sbin/eximon*
%endif
cp -p %{S:1} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.exim
-install -m 644 %{S:2} $RPM_BUILD_ROOT/etc/logrotate.d/exim
+install -m 0644 %{S:2} $RPM_BUILD_ROOT/etc/logrotate.d/exim
# man pages
mv doc/exim.8 $RPM_BUILD_ROOT/%{_mandir}/man8/
pod2man --center=EXIM --section=8 $RPM_BUILD_ROOT/usr/sbin/eximstats
$RPM_BUILD_ROOT/%{_mandir}/man8/eximstats.8
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2014-11-26 20:55:48
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2014-08-13
08:49:32.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2014-11-26
22:55:29.0 +0100
@@ -1,0 +2,19 @@
+Wed Nov 26 14:38:41 UTC 2014 - lmue...@suse.com
+
+- Remove dependency on gpg-offline as signature checking is implemented in the
+ source validator.
+
+---
+Wed Nov 26 13:13:38 UTC 2014 - lmue...@suse.com
+
+- update to 4.84
+ + Re-add a 'return NULL' to silence complaints from static checkers that
+were complaining about end of non-void function with no return;
+(beo#1506); obsoletes silence-static-checkers.patch.
+ + Fix parsing of quoted parameter values in MIME headers.
+This was a regression intruduced in 4.83 by another bugfix; (beo#1513).
+ + Fix broken compilation when EXPERIMENTAL_DSN is enabled.
+ + Fix exipick for enhanced spoolfile specification used when
+EXPERIMENTAL_DNS is enabled; (beo#1509).
+
+---
Old:
exim-4.83.tar.bz2
exim-4.83.tar.bz2.asc
exim-pubkey_04d29eba.asc
silence-static-checkers.patch
New:
exim-4.84.tar.bz2
exim-4.84.tar.bz2.asc
exim.keyring
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.x26H0d/_old 2014-11-26 22:55:30.0 +0100
+++ /var/tmp/diff_new_pack.x26H0d/_new 2014-11-26 22:55:30.0 +0100
@@ -39,7 +39,6 @@
%if %{?suse_version:%suse_version}%{?!suse_version:0} 800
Requires: logrotate
%if 0%{?suse_version} 1220
-BuildRequires: gpg-offline
BuildRequires: pkgconfig(systemd)
%{?systemd_requires}
%else
@@ -49,7 +48,7 @@
Requires(pre): /usr/sbin/useradd
Requires(pre): fileutils textutils
%endif
-Version:4.83
+Version:4.84
Release:0
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
@@ -65,7 +64,7 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source: exim-%{version}.tar.bz2
Source3:exim-%{version}.tar.bz2.asc
-Source4:exim-pubkey_04d29eba.asc
+Source4:exim.keyring
Source1:sysconfig.exim
Source2:exim.logrotate
Source11: exim.rc
@@ -77,7 +76,6 @@
Source32: exim.service
Patch: exim-tail.patch
Patch1: exim-enable_ecdh_openssl.patch
-Patch2: silence-static-checkers.patch
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
@@ -127,11 +125,9 @@
%endif
%prep
-%{?gpg_verify: %gpg_verify --keyring %{SOURCE4} %{SOURCE3}}
%setup -q -n exim-%{version}
%patch
%patch1 -p1
-%patch2 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} 930
fPIE=-fPIE
++ exim-4.83.tar.bz2 - exim-4.84.tar.bz2 ++
3576 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2014-08-13 08:49:19 Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new (New) Package is exim Changes: --- /work/SRC/openSUSE:Factory/exim/exim.changes2014-07-26 09:42:27.0 +0200 +++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2014-08-13 08:49:32.0 +0200 @@ -1,0 +2,5 @@ +Tue Aug 12 13:46:29 UTC 2014 - p.drou...@gmail.com + +- Use %insserv_cleanup only for openSUSE 12.2 + +--- Other differences: -- ++ exim.spec ++ --- /var/tmp/diff_new_pack.K6mV0j/_old 2014-08-13 08:49:33.0 +0200 +++ /var/tmp/diff_new_pack.K6mV0j/_new 2014-08-13 08:49:33.0 +0200 @@ -386,9 +386,10 @@ %service_del_postun exim.service %else %restart_on_update exim +%insserv_cleanup %endif %endif -%insserv_cleanup + %verifyscript %verify_permissions -e /usr/sbin/exim -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2014-07-26 09:42:13
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2014-01-30
14:54:32.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2014-07-26
09:42:27.0 +0200
@@ -1,0 +2,38 @@
+Wed Jul 23 13:09:41 UTC 2014 - lmue...@suse.com
+
+- Add silence-static-checkers.patch; (beo#1506).
+
+---
+Wed Jul 23 10:08:04 UTC 2014 - lmue...@suse.com
+
+- update to 4.83
+ This release of Exim includes one incompatible fix:
+ + the behavior of expansion of arguments to math comparison functions
+(, =, =, =, ) was unexpected, expanding the values twice;
+CVE-2014-2972; (bnc#888520)
+ This release contains the following enhancements and bugfixes:
+ + PRDR was promoted from Experimental to mainline
+ + OCSP Stapling was promoted from Experimental to mainline
+ + new Experimental feature Proxy Protocol
+ + new Experimental feature DSN (Delivery Status Notifications)
+ + TLS session improvements
+ + TLS SNI fixes
+ + LDAP enhancements
+ + DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ + several new operations (listextract, utf8clean, md5, sha1)
+ + enforce header formatting with verify=header_names_ascii
+ + new commandline option -oMm
+ + new TLSA dns lookup
+ + new malware sock type
+ + cutthrough routing enhancements
+ + logging enhancements
+ + DNSSEC enhancements
+ + exiqgrep enhancements
+ + deprecating non-standard SPF results
+ + build and portability fixes
+ + documentation fixes and enhancements
+- Verify source tar ball gpg signature.
+- Refresh exim-enable_ecdh_openssl.patch and strip version number from the
+ patch filename.
+
+---
@@ -419,0 +458,6 @@
+
+---
+Fri May 20 17:05:34 CEST 2011 - meiss...@suse.de
+
+- Fixed another remote code execution issue (CVE-2011-1407 / bnc#694798)
+- Fixed STARTTLS command injection (bnc#695144)
Old:
exim-4.82.tar.bz2
exim482-enable_ecdh_openssl.patch
New:
exim-4.83.tar.bz2
exim-4.83.tar.bz2.asc
exim-enable_ecdh_openssl.patch
exim-pubkey_04d29eba.asc
silence-static-checkers.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.CjRPoI/_old 2014-07-26 09:42:28.0 +0200
+++ /var/tmp/diff_new_pack.CjRPoI/_new 2014-07-26 09:42:28.0 +0200
@@ -39,6 +39,7 @@
%if %{?suse_version:%suse_version}%{?!suse_version:0} 800
Requires: logrotate
%if 0%{?suse_version} 1220
+BuildRequires: gpg-offline
BuildRequires: pkgconfig(systemd)
%{?systemd_requires}
%else
@@ -48,7 +49,7 @@
Requires(pre): /usr/sbin/useradd
Requires(pre): fileutils textutils
%endif
-Version:4.82
+Version:4.83
Release:0
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
@@ -63,6 +64,8 @@
Group: Productivity/Networking/Email/Servers
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source: exim-%{version}.tar.bz2
+Source3:exim-%{version}.tar.bz2.asc
+Source4:exim-pubkey_04d29eba.asc
Source1:sysconfig.exim
Source2:exim.logrotate
Source11: exim.rc
@@ -73,7 +76,8 @@
Source31: eximstats.conf
Source32: exim.service
Patch: exim-tail.patch
-Patch1: exim482-enable_ecdh_openssl.patch
+Patch1: exim-enable_ecdh_openssl.patch
+Patch2: silence-static-checkers.patch
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
@@ -123,9 +127,11 @@
%endif
%prep
+%{?gpg_verify: %gpg_verify --keyring %{SOURCE4} %{SOURCE3}}
%setup -q -n exim-%{version}
%patch
%patch1 -p1
+%patch2 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} 930
fPIE=-fPIE
++ exim-4.82.tar.bz2 - exim-4.83.tar.bz2 ++
19368 lines of diff (skipped)
++ exim-enable_ecdh_openssl.patch ++
# Taken from:
# http://bugs.exim.org/show_bug.cgi?id=1397
# http://bugs.exim.org/attachment.cgi?id=661
Index: exim-4.83/src/globals.c
===
--- exim-4.83.orig/src/globals.c
+++ exim-4.83/src/globals.c
@@ -150,6 +150,7 @@ that's the interop problem which has bee
bit-count as NORMAL (2432) and Thunderbird dropping connection. */
int tls_dh_max_bits= 2236;
uschar *tls_dhparam= NULL;
+uschar *tls_eccurve
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2014-01-30 14:54:31
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2013-12-08
19:26:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2014-01-30
14:54:32.0 +0100
@@ -1,0 +2,6 @@
+Thu Jan 23 09:25:36 UTC 2014 - meiss...@suse.com
+
+- exim482-enable_ecdh_openssl.patch: Enable ECDH (elliptic curve diffie
+ hellman) support, taken from http://bugs.exim.org/show_bug.cgi?id=1397
+
+---
New:
exim482-enable_ecdh_openssl.patch
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.16uUNk/_old 2014-01-30 14:54:33.0 +0100
+++ /var/tmp/diff_new_pack.16uUNk/_new 2014-01-30 14:54:33.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -73,6 +73,7 @@
Source31: eximstats.conf
Source32: exim.service
Patch: exim-tail.patch
+Patch1: exim482-enable_ecdh_openssl.patch
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
@@ -124,6 +125,7 @@
%prep
%setup -q -n exim-%{version}
%patch
+%patch1 -p1
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} 930
fPIE=-fPIE
++ exim482-enable_ecdh_openssl.patch ++
# Taken from:
# http://bugs.exim.org/show_bug.cgi?id=1397
# http://bugs.exim.org/attachment.cgi?id=661
diff -urN exim-4.82_RC3.orig/src/globals.c exim-4.82_RC3.ecdh/src/globals.c
--- exim-4.82_RC3.orig/src/globals.c2013-10-09 22:47:52.0 +0200
+++ exim-4.82_RC3.ecdh/src/globals.c2013-10-15 00:53:16.0 +0200
@@ -137,6 +137,7 @@
bit-count as NORMAL (2432) and Thunderbird dropping connection. */
int tls_dh_max_bits= 2236;
uschar *tls_dhparam= NULL;
+uschar *tls_eccurve= NULL;
#if defined(EXPERIMENTAL_OCSP) !defined(USE_GNUTLS)
uschar *tls_ocsp_file = NULL;
#endif
diff -urN exim-4.82_RC3.orig/src/globals.h exim-4.82_RC3.ecdh/src/globals.h
--- exim-4.82_RC3.orig/src/globals.h2013-10-09 22:47:52.0 +0200
+++ exim-4.82_RC3.ecdh/src/globals.h2013-10-15 00:52:25.0 +0200
@@ -105,6 +105,7 @@
extern uschar *tls_crl;/* CRL File */
extern int tls_dh_max_bits;/* don't accept higher lib suggestions
*/
extern uschar *tls_dhparam;/* DH param file */
+extern uschar *tls_eccurve;/* EC curve */
#if defined(EXPERIMENTAL_OCSP) !defined(USE_GNUTLS)
extern uschar *tls_ocsp_file; /* OCSP stapling proof file */
#endif
diff -urN exim-4.82_RC3.orig/src/readconf.c exim-4.82_RC3.ecdh/src/readconf.c
--- exim-4.82_RC3.orig/src/readconf.c 2013-10-09 22:47:52.0 +0200
+++ exim-4.82_RC3.ecdh/src/readconf.c 2013-10-15 00:53:58.0 +0200
@@ -433,6 +433,7 @@
{ tls_crl, opt_stringptr, tls_crl },
{ tls_dh_max_bits, opt_int, tls_dh_max_bits },
{ tls_dhparam, opt_stringptr, tls_dhparam },
+ { tls_eccurve, opt_stringptr, tls_eccurve },
# if defined(EXPERIMENTAL_OCSP) !defined(USE_GNUTLS)
{ tls_ocsp_file,opt_stringptr, tls_ocsp_file },
# endif
diff -urN exim-4.82_RC3.orig/src/tls-openssl.c
exim-4.82_RC3.ecdh/src/tls-openssl.c
--- exim-4.82_RC3.orig/src/tls-openssl.c2013-10-09 22:47:52.0
+0200
+++ exim-4.82_RC3.ecdh/src/tls-openssl.c2013-10-15 00:51:20.0
+0200
@@ -446,7 +446,57 @@
return TRUE;
}
+#if !defined(OPENSSL_NO_ECDH)
+static BOOL
+init_ecdh(SSL_CTX *sctx, host_item *host)
+{
+EC_KEY *ecdh;
+int nid;
+# if !defined(OPENSSL_NO_ECDH) OPENSSL_VERSION_NUMBER = 0x10002000L
+/* check if OpenSSL = 1.0.2 auto ECDH temp key parameter selection should be
used */
+if (Ustrcmp(tls_eccurve, auto) == 0)
+ {
+ DEBUG(D_tls) debug_printf(ECDH temp key parameter settings: OpenSSL 1.2+
autoselection\n);
+ SSL_CTX_set_ecdh_auto(sctx, 1);
+ return TRUE;
+ }
+# endif
+
+if (tls_eccurve == NULL)
+ {
+ DEBUG(D_tls)
+debug_printf(ECDH curve (default): prime256v1\n, tls_eccurve);
+ nid = NID_X9_62_prime256v1;
+ }
+else
+ {
+ /* search curve name */
+ DEBUG(D_tls)
+debug_printf(ECDH curve: %s\n,
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2013-12-08 19:26:29
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2013-11-07
08:39:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2013-12-08
19:26:30.0 +0100
@@ -1,0 +2,197 @@
+Fri Dec 6 18:44:42 UTC 2013 - l...@smaba.org
+
+- BuildRequire libopenssl-devel only on SUSE systems.
+- Fix suse_version condition of the pre- and postun scriptlets.
+
+---
+Fri Dec 6 17:52:27 UTC 2013 - l...@smaba.org
+
+- Call service_add_pre from pre scriptlet on post-12.2 systems.
+
+---
+Fri Dec 6 17:37:11 UTC 2013 - lmue...@suse.com
+
+- update to 4.82
+ - Add -bI: framework, and -bI:sieve for querying sieve capabilities.
+ - Make -n do something, by making it not do something.
+When combined with -bP, the name of an option is not output.
+ - Added tls_dh_min_bits SMTP transport driver option, only honoured
+by GnuTLS.
+ - First step towards DNSSEC, provide $sender_host_dnssec for
+$sender_host_name and config options to manage this, and basic check
+routines.
+ - DSCP support for outbound connections and control modifier for inbound.
+ - Cyrus SASL: set local and remote IP;port properties for driver.
+(Only plugin which currently uses this is kerberos4, which nobody should
+be using, but we should make it available and other future plugins might
+conceivably use it, even though it would break NAT; stuff *should* be
+using channel bindings instead).
+ - Handle exim -L tag to indicate to use syslog with tag as the process
+name; added for Sendmail compatibility; requires admin caller.
+Handle -G as equivalent to control = suppress_local_fixups (we used to
+just ignore it); requires trusted caller.
+Also parse but ignore: -Ac -Am -Xlogfile
+Bugzilla 1117.
+ - Bugzilla 1258 - Refactor MAIL FROM optional args processing.
+ - Add +smtp_confirmation as a default logging option.
+ - Bugzilla 198 - Implement remove_header ACL modifier.
+ - Bugzilla 1197, 1281, 1283 - Spec typo.
+ - Bugzilla 1290 - Spec grammar fixes.
+ - Bugzilla 1285 - Spec omission, fix docbook errors for spec.txt creation.
+ - Add Experimental DMARC support using libopendmarc libraries.
+ - Fix an out of order global option causing a segfault. Reported to dev
+mailing list by by Dmitry Isaikin.
+ - Bugzilla 1201 304 - New cutthrough-delivery feature, with TLS support.
+ - Support G suffix to numbers in ${if comparisons.
+ - Handle smtp transport tls_sni option forced-fail for OpenSSL.
+ - Bugzilla 1196 - Spec examples corrections
+ - Add expansion operators ${listnamed:name} and ${listcount:string}
+ - Add gnutls_allow_auto_pkcs11 option (was originally called
+gnutls_enable_pkcs11, but renamed to more accurately indicate its
+function.
+ - Let Linux makefile inherit CFLAGS/CFLAGS_DYNAMIC.
+Pulled from Debian 30_dontoverridecflags.dpatch by Andreas Metzler.
+ - Add expansion item ${acl {name}{arg}...}, expansion condition
+acl {{name}{arg}...}, and optional args on acl condition
+acl = name arg...
+ - Permit multiple router/transport headers_add/remove lines.
+ - Add dnsdb pseudo-lookup a+ to do an + a combination.
+ - Avoid using a waiting database for a single-message-only transport.
+Performance patch from Paul Fisher. Bugzilla 1262.
+ - Strip leading/trailing newlines from add_header ACL modifier data.
+Bugzilla 884.
+ - Add $headers_added variable, with content from use of ACL modifier
+add_header (but not yet added to the message). Bugzilla 199.
+ - Add 8bitmime log_selector, for 8bitmime status on the received line.
+Pulled from Bugzilla 817 by Wolfgang Breyha.
+ - SECURITY: protect DKIM DNS decoding from remote exploit.
+CVE-2012-5671
+(nb: this is the same fix as in Exim 4.80.1)
+ - Add A= logging on delivery lines, and a client_set_id option on
+authenticators.
+ - Add optional authenticated_sender logging to A= and a log_selector
+for control.
+ - Unbreak server_set_id for NTLM/SPA auth, broken by 4.80 PP/29.
+ - Dovecot auth: log better reason to rejectlog if Dovecot did not
+advertise SMTP AUTH mechanism to us, instead of a generic
+protocol violation error. Also, make Exim more robust to bad
+data from the Dovecot auth socket.
+ - Fix ultimate retry timeouts for intermittently deliverable recipients.
+ - When a queue runner is handling a message, Exim first routes the
+recipient addresses, during which it prunes them based on the
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2013-11-07 08:39:41
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2013-06-17
10:04:47.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2013-11-07
08:39:42.0 +0100
@@ -1,0 +2,6 @@
+Sun Oct 27 17:35:43 UTC 2013 - p.drou...@gmail.com
+
+- Add systemd support for openSUSE 12.2
+- Remove some obsolete conditionnal macros
+
+---
New:
exim.service
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.qEiXek/_old 2013-11-07 08:39:43.0 +0100
+++ /var/tmp/diff_new_pack.qEiXek/_new 2013-11-07 08:39:43.0 +0100
@@ -24,13 +24,8 @@
BuildRequires: pcre-devel
%if %{?suse_version:1}%{?!suse_version:0}
BuildRequires: tcpd-devel
-%if %suse_version 910
BuildRequires: xorg-x11-devel
%else
-BuildRequires: XFree86-devel
-BuildRequires: XFree86-libs
-%endif
-%else
BuildRequires: libXaw-devel
BuildRequires: libXext-devel
BuildRequires: libXt-devel
@@ -43,7 +38,15 @@
Provides: smtp_daemon
%if %{?suse_version:%suse_version}%{?!suse_version:0} 800
Requires: logrotate
-PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd fileutils
textutils
+%if 0%{?suse_version} 1220
+BuildRequires: pkgconfig(systemd)
+%{?systemd_requires}
+%else
+Requires(pre): %insserv_prereq
+%endif
+Requires(pre): %fillup_prereq
+Requires(pre): /usr/sbin/useradd
+Requires(pre): fileutils textutils
%endif
Version:4.80.1
Release:0
@@ -68,6 +71,7 @@
Source20:
http://www.logic.univie.ac.at/~ametzler/debian/exim4manpages/exim4-manpages.tar.bz2
Source30: eximstats-html-update.py
Source31: eximstats.conf
+Source32: exim.service
Patch: exim-tail.patch
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
@@ -244,7 +248,11 @@
make
%install
+%if 0%{?suse_version} 1220
+mkdir -p $RPM_BUILD_ROOT/%{_unitdir}
+%else
mkdir -p $RPM_BUILD_ROOT/etc/init.d
+%endif
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
mkdir -p $RPM_BUILD_ROOT/usr/{bin,sbin,lib}
mkdir -p $RPM_BUILD_ROOT/var/log/exim
@@ -258,7 +266,11 @@
INSTALL_ARG=-no_chown install
mv $RPM_BUILD_ROOT/usr/sbin/exim-%{version}* $RPM_BUILD_ROOT/usr/sbin/exim
mv $RPM_BUILD_ROOT/etc/exim/exim.conf src/configure.default # with all
substitutions done
+%if 0%{?suse_version} 1220
+install -m 755 %{S:32} $RPM_BUILD_ROOT/%{_unitdir}/exim.service
+%else
install -m 755 %{S:11} $RPM_BUILD_ROOT/etc/init.d/exim
+%endif
# aka...
for i in \
/usr/lib/sendmail \
@@ -270,7 +282,11 @@
ln -sf ../sbin/exim $RPM_BUILD_ROOT$i
done
ln -sf exim $RPM_BUILD_ROOT/usr/sbin/sendmail
+%if 0%{?suse_version} 1220
+ln -sv ../../%{_unitdir}/exim.service $RPM_BUILD_ROOT/usr/sbin/rcexim
+%else
ln -sv ../../etc/init.d/exim $RPM_BUILD_ROOT/usr/sbin/rcexim
+%endif
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
mv $RPM_BUILD_ROOT/usr/sbin/eximon* $RPM_BUILD_ROOT/usr/bin/
%else
@@ -305,11 +321,6 @@
# package the utilities without executable permissions, to silence rpmlint
warnings
chmod 644 util/*.{pl,sh} src/convert4r*
#
-# since 10.0, the permissions file is packaged in the 'permissions' package
-%if %{?suse_version:%suse_version}%{?!suse_version:9} 1000
-install -m 0755 -d $RPM_BUILD_ROOT/etc/permissions.d
-install -m 0644 $RPM_SOURCE_DIR/permissions.exim
$RPM_BUILD_ROOT/etc/permissions.d/exim
-%endif
# eximstats-html files
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
mkdir -p $RPM_BUILD_ROOT/srv/www/eximstats
@@ -339,24 +350,35 @@
for i in var/log/exim/main.log var/log/exim/panic.log var/log/exim/reject.log;
do
if ! test -e $i; then touch $i; chown mail:mail $i; chmod 640 $i ; fi
done
+%if 0%{?suse_version} 1220
+%{fillup_only}
+%service_add_post exim.service
+%else
%{fillup_and_insserv exim}
+%endif
exit 0
-%if %{?suse_version:%suse_version}%{?!suse_version:0} 820
+%if %{?suse_version:%suse_version}
%preun
+%if 0%{?suse_version} 1220
+%service_del_preun exim.service
+%else
%stop_on_removal exim
%endif
+%endif
%postun
-%if %{?suse_version:%suse_version}%{?!suse_version:0} 820
+%if %{?suse_version:%suse_version}
+%if 0%{?suse_version} 1220
+%service_del_postun exim.service
+%else
%restart_on_update exim
%endif
+%endif
%insserv_cleanup
%verifyscript
%verify_permissions -e /usr/sbin/exim
-%clean
-
%files
%defattr(-,root,root)
%doc ACKNOWLEDGMENTS CHANGES LICENCE NOTICE README.UPDATING README
@@ -376,7 +398,11 @@
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2013-06-17 10:04:45
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2013-01-10
13:02:23.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2013-06-17
10:04:47.0 +0200
@@ -1,0 +2,7 @@
+Sun Jun 16 02:13:52 UTC 2013 - jeng...@inai.de
+
+- exim.spec forces the use of SSL libraries,
+ so make sure the BuildRequires are there.
+ Also add previously implicit cyrus-sasl back.
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.uFOoIf/_old 2013-06-17 10:04:47.0 +0200
+++ /var/tmp/diff_new_pack.uFOoIf/_new 2013-06-17 10:04:47.0 +0200
@@ -17,7 +17,9 @@
Name: exim
+BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
+BuildRequires: libopenssl-devel
BuildRequires: openldap2-devel
BuildRequires: pcre-devel
%if %{?suse_version:1}%{?!suse_version:0}
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2013-01-10 13:02:21
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim, Maintainer is po...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2012-10-27
07:38:45.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2013-01-10
13:02:23.0 +0100
@@ -1,0 +2,6 @@
+Wed Jan 9 19:02:27 UTC 2013 - l...@samba.org
+
+- Execute the run_permissions macro on pre-11.4 systems and else the
+ set_permission one if available; (bnc#764120).
+
+---
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.nz5ZB4/_old 2013-01-10 13:02:24.0 +0100
+++ /var/tmp/diff_new_pack.nz5ZB4/_new 2013-01-10 13:02:24.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package exim
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -319,7 +319,11 @@
install -D -m 0644 $RPM_SOURCE_DIR/apparmor.usr.sbin.exim
$RPM_BUILD_ROOT/etc/apparmor/profiles/extras/usr.sbin.exim
%post
+%if 0%{?suse_version} 1131
%run_permissions
+%else
+%set_permissions /usr/sbin/exim
+%endif
if ! test -s etc/exim/exim.conf; then
if test -s etc/exim.conf; then
mv etc/exim.conf etc/exim/
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2012-10-27 07:38:43
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim, Maintainer is po...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2012-08-26
11:31:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2012-10-27
07:38:45.0 +0200
@@ -1,0 +2,7 @@
+Thu Oct 25 10:36:19 UTC 2012 - l...@samba.org
+
+- update to 4.80.1
+ - SECURITY: protect DKIM DNS decoding from remote exploit; CVE-2012-5671;
+(bnc#786652).
+
+---
Old:
exim-4.80.tar.bz2
New:
exim-4.80.1.tar.bz2
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.uE45Dz/_old 2012-10-27 07:38:47.0 +0200
+++ /var/tmp/diff_new_pack.uE45Dz/_new 2012-10-27 07:38:47.0 +0200
@@ -43,7 +43,7 @@
Requires: logrotate
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd fileutils
textutils
%endif
-Version:4.80
+Version:4.80.1
Release:0
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
++ exim-4.80.tar.bz2 - exim-4.80.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.80/doc/ChangeLog new/exim-4.80.1/doc/ChangeLog
--- old/exim-4.80/doc/ChangeLog 2012-05-31 02:40:15.0 +0200
+++ new/exim-4.80.1/doc/ChangeLog 2012-10-25 05:37:38.0 +0200
@@ -1,6 +1,14 @@
Change log file for Exim from version 4.21
---
+Exim version 4.80.1
+---
+
+PP/01 SECURITY: protect DKIM DNS decoding from remote exploit.
+ CVE-2012-5671
+ This, or similar/improved, will also be change PP/11 of 4.81.
+
+
Exim version 4.80
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.80/doc/spec.txt new/exim-4.80.1/doc/spec.txt
--- old/exim-4.80/doc/spec.txt 2012-05-31 11:35:23.0 +0200
+++ new/exim-4.80.1/doc/spec.txt2012-10-25 05:46:58.0 +0200
@@ -5,9 +5,9 @@
Copyright (c) 2012 University of Cambridge
+-+
-+-++--+
-|Revision 4.80|17 May 2012 |EM|
-+-++--+
+++--+-+
+|Revision 4.80.1 |24 Oct 2012 |EM |
+++--+-+
---
TABLE OF CONTENTS
@@ -653,7 +653,7 @@
1.1 Exim documentation
--
-This edition of the Exim specification applies to version 4.80 of Exim.
+This edition of the Exim specification applies to version 4.80.1 of Exim.
Substantive changes from the 4.75 edition are marked in some renditions of the
document; this paragraph is so marked if the rendition is capable of showing a
change indicator.
@@ -1738,7 +1738,7 @@
Exim is distributed as a gzipped or bzipped tar file which, when unpacked,
creates a directory with the name of the current release (for example,
-exim-4.80) into which the following files are placed:
+exim-4.80.1) into which the following files are placed:
ACKNOWLEDGMENTS contains some acknowledgments
CHANGES contains a reference to where changes are documented
@@ -2348,7 +2348,7 @@
For the utility programs, old versions are renamed by adding the suffix .O to
their names. The Exim binary itself, however, is handled differently. It is
installed under a name that includes the version number and the compile number,
-for example exim-4.80-1. The script then arranges for a symbolic link called
+for example exim-4.80.1-1. The script then arranges for a symbolic link called
exim to point to the binary. If you are updating a previous version of Exim,
the script takes care to ensure that the name exim is never absent from the
directory (as seen by other processes).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/exim-4.80/scripts/reversion
new/exim-4.80.1/scripts/reversion
--- old/exim-4.80/scripts/reversion 2012-05-31 02:40:15.0 +0200
+++ new/exim-4.80.1/scripts/reversion 2012-10-25 05:37:38.0 +0200
@@ -32,21 +32,23 @@
# If this tree is a git working
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2012-08-26 11:31:02
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim, Maintainer is po...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2012-03-20
11:26:48.0 +0100
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2012-08-26
11:31:04.0 +0200
@@ -1,0 +2,97 @@
+Sun Aug 19 13:36:59 UTC 2012 - l...@samba.org
+
+- update to 4.80
+ - Bugzilla 949 - Documentation tweak.
+ - Bugzilla 1093 - eximstats DATA reject detection regexps improved.
+ - Bugzilla 1169 - primary_hostname spelling was incorrect in docs.
+ - Implemented gsasl authenticator.
+ - Implemented heimdal_gssapi authenticator with server_keytab option.
+ - Local/Makefile support for (AUTH|LOOKUP)_*_PC=foo to use
+`pkg-config foo` for cflags/libs.
+ - Swapped $auth1/$auth2 for gsasl GSSAPI mechanism, to be more consistent
+with rest of GSASL and with heimdal_gssapi.
+ - Local/Makefile support for USE_(GNUTLS|OPENSSL)_PC=foo to use
+`pkg-config foo` for cflags/libs for the TLS implementation.
+ - New expansion variable $tls_bits; Cyrus SASL server connection
+properties get this fed in as external SSF. A number of robustness
+and debugging improvements to the cyrus_sasl authenticator.
+ - cyrus_sasl server now expands the server_realm option.
+ - Bugzilla 1214 - Log authentication information in reject log.
+ - Added dbmjz lookup type.
+ - Let heimdal_gssapi authenticator take a SASL message without an authzid.
+ - MAIL args handles TAB as well as SP, for better interop with
+non-compliant senders.
+ - Bugzilla 1237 - fix cases where printf format usage not indicated.
+ - tls_peerdn now print-escaped for spool files.
+Observed some $tls_peerdn in wild which contained \n, which resulted
+in spool file corruption.
+ - TLS fixes for OpenSSL: support TLS 1.1 1.2; new openssl_options
+values; set SSL_MODE_AUTO_RETRY so that OpenSSL will retry a read
+or write after TLS renegotiation, which otherwise led to messages
+Got SSL error 2.
+ - Bugzilla 1239 - fix DKIM verification when signature was not inserted
+as a tracking header (ie: a signed header comes before the signature).
+ - Bugzilla 660 - Multi-valued attributes from ldap now parseable as a
+comma-sep list; embedded commas doubled.
+ - Refactored ACL verify = logic to table-driven dispatch.
+ - LDAP: Check for errors of TLS initialisation, to give correct diagnostics.
+ - Removed dont_insert_empty_fragments fron openssl_options.
+Removed SSL_clear() after SSL_new() which led to protocol negotiation
+failures. We appear to now support TLS1.1+ with Exim.
+ - OpenSSL: new expansion var $tls_sni, which if used in tls_certificate
+lets Exim select keys and certificates based upon TLS SNI from client.
+Also option tls_sni on SMTP Transports. Also clear $tls_bits correctly
+before an outbound SMTP session. New log_selector, +tls_sni.
+ - Bugzilla 1122 - check localhost_number expansion for failure, avoid
+NULL dereference.
+ - Revert part of NM/04, it broke log_path containing %D expansions.
+Left warnings. Added eximon gdb invocation mode.
+ - Defaulting accept_8bitmime to true, not false.
+ - Added -bw for inetd wait mode support.
+ - Added PCRE_CONFIG=yes support to Makefile for using pcre-config to
+locate the relevant includes and libraries. Made this the default.
+ - Fixed headers_only on smtp transports (was not sending trailing dot).
+Bugzilla 1246, report and most of solution from Tomasz Kusy.
+ - ${eval } now uses 64-bit and supports a g suffix (like to k and m).
+This may cause build issues on older platforms.
+ - Revamped GnuTLS support, passing tls_require_ciphers to
+gnutls_priority_init, ignoring Exim options gnutls_require_kx,
+gnutls_require_mac gnutls_require_protocols (no longer supported).
+Added SNI support via GnuTLS too.
+Made ${randint:..} supplier available, if using not-too-old GnuTLS.
+ - Added EXPERIMENTAL_OCSP for OpenSSL.
+ - Applied dnsdb SPF support patch from Janne Snabb.
+Applied second patch from Janne, implementing suggestion to default
+multiple-strings-in-record handling to match SPF spec.
+ - Added expansion variable $tod_epoch_l for a higher-precision time.
+ - Fix DCC dcc_header content corruption (stack memory referenced,
+read-only, out of scope).
+Patch from Wolfgang Breyha, report from Stuart Northfield.
+ - Fix three issues highlighted by clang analyser static analysis.
+Only crash-plausible issue would require the Cambridge-specific
+iplookup router and a misconfiguration.
+Report from Marcin Mirosław.
+ -
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2012-03-20 11:26:45
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim, Maintainer is po...@novell.com
Changes:
--- /work/SRC/openSUSE:Factory/exim/exim.changes2011-09-23
01:57:06.0 +0200
+++ /work/SRC/openSUSE:Factory/.exim.new/exim.changes 2012-03-20
11:26:48.0 +0100
@@ -1,0 +2,94 @@
+Sat Mar 17 19:42:30 UTC 2012 - l...@samba.org
+
+- Disable format-security and missing-format-attribute warnings via CFLAGS on
+ pre-11.2 systems.
+
+---
+Wed Mar 7 16:13:51 UTC 2012 - l...@samba.org
+
+- Remove obsoleted Authors lines from spec file.
+
+---
+Wed Mar 7 15:33:12 UTC 2012 - l...@samba.org
+
+- update to 4.77
+ - DKIM Verification: Fix relaxed canon for empty headers w/o
+whitespace trailer
+ - Fix a couple more cases where we did not log the error message
+when unlink() failed. See also change 4.74-TF/03.
+ - Make the exiwhat support code safe for signals. Previously Exim might
+lock up or crash if it happened to be inside a call to libc when it
+got a SIGUSR1 from exiwhat.
+ - The SIGUSR1 handler appends the current process status to the process
+log which is later printed by exiwhat. It used to use the general
+purpose logging code to do this, but several functions it calls are
+not safe for signals.
+ - The new output code in the SIGUSR1 handler is specific to the process
+log, and simple enough that it's easy to inspect for signal safety.
+Removing some special cases also simplifies the general logging code.
+Removing the spurious timestamps from the process log simplifies
+exiwhat.
+ - Improved ratelimit ACL condition.
+ - Removed obsolete $Cambridge$ CVS revision strings.
+ - Removed a few PCRE remnants.
+ - Automatically extract Exim's version number from tags in the git
+repository when doing development or release builds.
+ - Raise smtp_cmd_buffer_size to 16kB.
+Bugzilla 879. Patch from Paul Fisher.
+ - Implement SSL-on-connect outbound with protocol=smtps on smtp transport.
+Heavily based on revision 40f9a89a from Simon Arlott's tree.
+Bugzilla 97.
+ - Use .dylib instead of .so for dynamic library loading on MacOS.
+ - Variable $av_failed, true if the AV scanner deferred.
+Bugzilla 1078. Patch from John Horne.
+ - Stop make process more reliably on build failure.
+Bugzilla 1087. Patch from Heiko Schlittermann.
+ - Make maildir_use_size_file an _expandable_ boolean.
+Bugzilla 1089. Patch from Heiko Schlittermann.
+ - Handle ${run} returning more data than OS pipe buffer size.
+Bugzilla 1131. Patch from Holger Weiß.
+ - Handle IPv6 addresses with SPF.
+Bugzilla 860. Patch from Wolfgang Breyha.
+ - GnuTLS: support TLS 1.2 1.1.
+Bugzilla 1156.
+Use gnutls_certificate_verify_peers2() [patch from Andreas Metzler].
+Bugzilla 1095.
+ - match_* no longer expand right-hand-side by default.
+New compile-time build option, EXPAND_LISTMATCH_RHS.
+New expansion conditions, inlist, inlisti.
+ - fix uninitialised greeting string from PP/03 (smtps client support).
+ - shell and compiler warnings fixes for RC1-RC4 changes.
+ - fix log_write() format string regression from TF/03.
+Bugzilla 1152. Patch from Dmitry Isaikin.
+
+- update to 4.77
+ - The new ldap_require_cert option would segfault if used. Fixed.
+ - Harmonised TLS library version reporting; only show if debugging.
+Layout now matches that introduced for other libraries in 4.74 PP/03.
+ - New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1
+ - New dns_use_edns0 global option.
+ - Don't segfault on misconfiguration of ref:name exim-user as uid.
+Bugzilla 1098.
+ - Extra paranoia around buffer usage at the STARTTLS transition.
+nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
+ - Updated PolarSSL code to 0.14.2.
+Bugzilla 1097. Patch from Andreas Metzler.
+ - Catch divide-by-zero in ${eval:...}.
+Fixes bugzilla 1102.
+ - Condition negation of bool{}/bool_lax{} did not negate. Fixed.
+Bugzilla 1104.
+ - Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a
+format-string attack -- SECURITY: remote arbitrary code execution.
+ - SECURITY - DKIM signature header parsing was double-expanded, second
+time unintentionally subject to list matching rules, letting the header
+cause arbitrary Exim lookups (of items which can occur in lists, *not*
+arbitrary string expansion). This allowed for information disclosure.
+ - Fix another SIGFPE (x86) in ${eval:...} expansion,
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory checked in
at 2011-12-06 18:08:47
Comparing /work/SRC/openSUSE:Factory/exim (Old)
and /work/SRC/openSUSE:Factory/.exim.new (New)
Package is exim, Maintainer is po...@novell.com
Changes:
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.YHZCRZ/_old 2011-12-06 18:14:10.0 +0100
+++ /var/tmp/diff_new_pack.YHZCRZ/_new 2011-12-06 18:14:10.0 +0100
@@ -32,7 +32,7 @@
%endif
Url:http://www.exim.org/
Conflicts: sendmail sendmail-tls postfix
-License:GPLv2+
+License:GPL-2.0+
Group: Productivity/Networking/Email/Servers
AutoReqProv:on
Provides: smtp_daemon
@@ -67,12 +67,12 @@
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
-License:GPLv2+
+License:GPL-2.0+
Summary:Eximon, an graphical frontend to administer Exim's mail queue
Group: Productivity/Networking/Email/Servers
%package -n eximstats-html
-License:GPLv2+
+License:GPL-2.0+
Summary:Create HTML reports of exim logs
Group: Productivity/Networking/Email/Servers
Requires: perl-GD perl-GDGraph perl-GDTextUtil
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory
checked in at Tue May 10 09:16:06 CEST 2011.
--- exim/exim.changes 2011-05-07 15:33:18.0 +0200
+++ /mounts/work_src_done/STABLE/exim/exim.changes 2011-05-09
13:33:14.0 +0200
@@ -1,0 +2,5 @@
+Mon May 9 13:32:55 CEST 2011 - dmuel...@suse.de
+
+- check format strings
+
+---
calling whatdependson for head-i586
New:
format-security.diff
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.gM2RXA/_old 2011-05-10 09:15:14.0 +0200
+++ /var/tmp/diff_new_pack.gM2RXA/_new 2011-05-10 09:15:14.0 +0200
@@ -41,7 +41,7 @@
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd fileutils
textutils
%endif
Version:4.75
-Release:1
+Release:3
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
Provides: exim = %version
@@ -63,6 +63,7 @@
Source31: eximstats.conf
Patch: exim-4.12-tail.patch
Patch1: 109066729a54f6ba5c4e8bc174133da33242e930.diff
+Patch2: format-security.diff
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
@@ -130,6 +131,7 @@
%setup -q -n exim-%{version}
%patch
%patch1 -p2
+%patch2
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} 930
fPIE=-fPIE
@@ -241,7 +243,7 @@
# SPOOL_MODE=0640
SUPPORT_MOVE_FROZEN_MESSAGES=yes
HAVE_IPV6=YES
- CFLAGS=$RPM_OPT_FLAGS -Wall -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE
+ CFLAGS=$RPM_OPT_FLAGS -Wall -Werror=format-security
-Werror=missing-format-attribute -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE
EXTRALIBS=-ldl -L/usr/X11R6/%{_lib} $pie
EOF
touch Local/eximon.conf
++ format-security.diff ++
--- exim_monitor/em_log.c
+++ exim_monitor/em_log.c
@@ -58,6 +58,8 @@
static int size = 0;
static int top = 0;
+static void show_log(char *s, ...) PRINTF_FUNCTION(1,2);
+
static void show_log(char *s, ...)
{
int length, newtop;
@@ -364,7 +366,7 @@
if (log_datestamping)
{
uschar log_file_wanted[256];
- string_format(log_file_wanted, sizeof(log_file_wanted), CS log_file);
+ string_format(log_file_wanted, sizeof(log_file_wanted), %s, CS log_file);
if (Ustrcmp(log_file_wanted, log_file_open) != 0)
{
if (LOG != NULL)
--- exim_monitor/em_main.c
+++ exim_monitor/em_main.c
@@ -656,7 +656,7 @@
if (log_file[0] != 0)
{
- (void)string_format(log_file_open, sizeof(log_file_open), CS log_file);
+ (void)string_format(log_file_open, sizeof(log_file_open), %s, CS log_file);
log_datestamping = string_datestamp_offset = 0;
LOG = fopen(CS log_file_open, r);
--- exim_monitor/em_text.c
+++ exim_monitor/em_text.c
@@ -60,6 +60,8 @@
* Display text from format *
*/
+void text_showf(Widget w, char *s, ...) PRINTF_FUNCTION(2,3);
+
void text_showf(Widget w, char *s, ...)
{
va_list ap;
--- src/demime.c
+++ src/demime.c
@@ -823,7 +823,7 @@
(void)string_vformat(US f, 16383,(char *)format, ap);
va_end(ap);
f-=22;
-log_write(0, LOG_MAIN, f);
+log_write(0, LOG_MAIN, %s, f);
/* then copy to demime_reason_buffer if new
level is greater than old level */
if (level demime_errorlevel) {
--- src/dkim.c
+++ src/dkim.c
@@ -176,7 +176,7 @@
}
logmsg[ptr] = '\0';
-log_write(0, LOG_MAIN, (char *)logmsg);
+log_write(0, LOG_MAIN, %s, (char *)logmsg);
/* Build a colon-separated list of signing domains (and identities, if
present) in dkim_signers */
dkim_signers = string_append(dkim_signers,
--- src/exim_dbutil.c
+++ src/exim_dbutil.c
@@ -59,6 +59,7 @@
#include dbstuff.h
#include osfunctions.h
#include store.h
+#include local_scan.h
/* Identifiers for the different database types. */
--- src/functions.h
+++ src/functions.h
@@ -82,7 +82,7 @@
int, int, uschar *, bit_table *, int, uschar *, int);
extern address_item *deliver_make_addr(uschar *, BOOL);
extern int deliver_message(uschar *, BOOL, BOOL);
-extern voiddeliver_msglog(const char *, ...);
+extern voiddeliver_msglog(const char *, ...) PRINTF_FUNCTION(1,2);
extern voiddeliver_set_expansions(address_item *);
extern int deliver_split_address(address_item *);
extern voiddeliver_succeeded(address_item *);
@@ -181,9 +181,9 @@
extern uschar *moan_check_errorcopy(uschar *);
extern BOOLmoan_skipped_syntax_errors(uschar *, error_block *, uschar *,
BOOL, uschar *);
-extern voidmoan_smtp_batch(uschar *, char *, ...);
+extern voidmoan_smtp_batch(uschar *, char *,
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory
checked in at Mon May 9 10:26:25 CEST 2011.
--- exim/exim.changes 2011-03-10 19:42:25.0 +0100
+++ /mounts/work_src_done/STABLE/exim/exim.changes 2011-05-07
15:33:18.0 +0200
@@ -1,0 +2,53 @@
+Sat May 7 13:12:08 UTC 2011 - l...@samba.org
+
+- The new ldap_require_cert option would segfault if used; use upstream patch
+ to address the ldap_set_option() issue; (beo#230); (beo#1108).
+
+---
+Fri May 6 20:00:38 UTC 2011 - l...@samba.org
+
+- Cast third arg to void * when calling ldap_set_option().
+
+---
+Fri May 6 19:14:37 UTC 2011 - l...@samba.org
+
+- update to 4.75
+ - Workround for PCRE version dependency in version reporting
+Bugzilla 1073
+ - Permit LOOKUP_foo enabling on the make command-line.
+Also via indented variable definition in the Makefile.
+ - Restore caching of spamd results with expanded spamd_address.
+ - Build issue: lookups-Makefile now exports LC_ALL=C
+Improves build reliability.
+ - Fix wide character breakage in the rfc2047 coding; Fixes bug 1064.
+ - Allow underscore in dnslist lookups; Fixes bug 1026.
+ - Bugzilla 230: Support TLS-enabled LDAP (in addition to ldaps).
+ - Fixed exiqgrep to cope with mailq missing size issue
+Fixes bug 943.
+ - Bugzilla 1083: when lookup expansion defers, escape the output which
+is logged, to avoid truncation.
+ - Bugzilla 1042: implement freeze_signal on pipe transports.
+ - Bugzilla 1061: restrict error messages sent over SMTP to not reveal
+SQL string expansion failure details.
+ - Bugzilla 486: implement %M datestamping in log filenames.
+ - New lookups functionality failed to compile on old gcc which rejects
+extern declarations in function scope.
+ - Use sig_atomic_t for flags set from signal handlers.
+Check getgroups() return and improve debugging.
+Fixed developed for diagnosis in bug 927 (which turned out to be
+a kernel bug).
+ - Bugzilla 1055: Update $message_linecount for maildir_tag.
+ - Bugzilla 1056: Improved spamd server selection.
+ - Bugzilla 1086: Deal with maildir quota file races.
+ - Bugzilla 1019: DKIM multiple signature generation fix.
+ - Fix to spam.c to accommodate older gcc versions which dislike
+variable declaration deep within a block.
+ - Make DISABLE_DKIM build knob functional.
+ - Bugzilla 968: child_open_uid: restore default SIGPIPE handler
+
+---
+Fri May 6 18:18:00 UTC 2011 - l...@samba.org
+
+- Don't pass DKIM compound log line as format string; (beo#1106); (bnc#692227).
+
+---
calling whatdependson for head-i586
Old:
aa097c4c00f62487128d74f65c521f9e877b184f.diff
exim-4.74.tar.bz2
New:
109066729a54f6ba5c4e8bc174133da33242e930.diff
exim-4.75.tar.bz2
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.EfrW12/_old 2011-05-09 10:24:53.0 +0200
+++ /var/tmp/diff_new_pack.EfrW12/_new 2011-05-09 10:24:53.0 +0200
@@ -40,8 +40,8 @@
Requires: logrotate
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd fileutils
textutils
%endif
-Version:4.74
-Release:8
+Version:4.75
+Release:1
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
Provides: exim = %version
@@ -62,7 +62,7 @@
Source30: eximstats-html-update.py
Source31: eximstats.conf
Patch: exim-4.12-tail.patch
-Patch1: aa097c4c00f62487128d74f65c521f9e877b184f.diff
+Patch1: 109066729a54f6ba5c4e8bc174133da33242e930.diff
%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
@@ -129,7 +129,7 @@
%prep
%setup -q -n exim-%{version}
%patch
-%patch1 -p1
+%patch1 -p2
# build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
%if %{?suse_version:%suse_version}%{?!suse_version:9} 930
fPIE=-fPIE
++ 109066729a54f6ba5c4e8bc174133da33242e930.diff ++
From 109066729a54f6ba5c4e8bc174133da33242e930 Mon Sep 17 00:00:00 2001
From: Phil Pennock p...@exim.org
Date: Tue, 22 Mar 2011 06:43:34 -0400
Subject: [PATCH] Make ldap_require_cert work (not segfault).
The clang complaint, which also triggered a gcc complaint, was
legitimate. My first test, which suggested no problem, was flawed.
This:
ldap_start_tls
ldap_require_cert = demand
would cause a segfault on LDAP lookup.
fixes bug 230
---
doc/doc-txt/ChangeLog |6 ++
src/src/lookups/ldap.c |2 +-
2 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 853f3a5..94952af 100644
--- a/doc/doc/ChangeLog
+++
commit exim for openSUSE:Factory
Hello community,
here is the log from the commit of package exim for openSUSE:Factory
checked in at Thu Apr 21 13:25:17 CEST 2011.
--- exim/exim.changes 2011-02-04 23:21:53.0 +0100
+++ /mounts/work_src_done/STABLE/exim/exim.changes 2011-03-10
19:42:25.0 +0100
@@ -1,0 +2,6 @@
+Thu Mar 10 18:30:11 UTC 2011 - po...@cmdline.net
+
+- postgresql-enabled build when build_with_pgsql is defined (which is done in a
+ linked package named server:mail/exim-postgresql)
+
+---
calling whatdependson for head-i586
Other differences:
--
++ exim.spec ++
--- /var/tmp/diff_new_pack.vNkVTj/_old 2011-04-21 13:24:15.0 +0200
+++ /var/tmp/diff_new_pack.vNkVTj/_new 2011-04-21 13:24:15.0 +0200
@@ -41,11 +41,15 @@
PreReq: %insserv_prereq %fillup_prereq /usr/sbin/useradd fileutils
textutils
%endif
Version:4.74
-Release:1
+Release:8
%if %{?build_with_mysql:1}0
BuildRequires: mysql-devel
Provides: exim = %version
%endif
+%if %{?build_with_pgsql:1}0
+BuildRequires: postgresql-devel
+Provides: exim = %version
+%endif
Summary:The Exim Mail Transfer Agent, a Replacement for sendmail
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source: exim-%{version}.tar.bz2
@@ -59,7 +63,7 @@
Source31: eximstats.conf
Patch: exim-4.12-tail.patch
Patch1: aa097c4c00f62487128d74f65c521f9e877b184f.diff
-%if !%{?build_with_mysql:1}0
+%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%package -n eximon
License:GPLv2+
@@ -88,7 +92,7 @@
Philip Hazel p...@cus.cam.ac.uk
-%if !%{?build_with_mysql:1}0
+%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%description -n eximon
This allows administrators to view the exim agent's mail queue and
@@ -162,6 +166,9 @@
%if %{?build_with_mysql:1}0
LOOKUP_MYSQL=yes
%endif
+%if %{?build_with_pgsql:1}0
+ LOOKUP_PGSQL=yes
+%endif
LOOKUP_NIS=yes
# LOOKUP_NISPLUS=yes
# LOOKUP_ORACLE=yes
@@ -177,6 +184,10 @@
LOOKUP_INCLUDE=-I /usr/include/mysql
LOOKUP_LIBS=-lldap -llber -lmysqlclient
%endif
+%if %{?build_with_pgsql:1}0
+ LOOKUP_INCLUDE=-I /usr/include/pgsql
+ LOOKUP_LIBS=-lldap -llber -lpq
+%endif
EXIM_MONITOR=eximon.bin
WITH_CONTENT_SCAN=yes
WITH_OLD_DEMIME=yes
@@ -267,7 +278,7 @@
done
ln -sf exim $RPM_BUILD_ROOT/usr/sbin/sendmail
ln -sv ../../etc/init.d/exim $RPM_BUILD_ROOT/usr/sbin/rcexim
-%if !%{?build_with_mysql:1}0
+%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
mv $RPM_BUILD_ROOT/usr/sbin/eximon* $RPM_BUILD_ROOT/usr/bin/
%else
rm $RPM_BUILD_ROOT/usr/sbin/eximon*
@@ -307,7 +318,7 @@
install -m 0644 $RPM_SOURCE_DIR/permissions.exim
$RPM_BUILD_ROOT/etc/permissions.d/exim
%endif
# eximstats-html files
-%if !%{?build_with_mysql:1}0
+%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
mkdir -p $RPM_BUILD_ROOT/srv/www/eximstats
mkdir -p $RPM_BUILD_ROOT/etc/apache2/conf.d/
cp -p $RPM_SOURCE_DIR/eximstats.conf $RPM_BUILD_ROOT/etc/apache2/conf.d/
@@ -386,7 +397,7 @@
/usr/lib/sendmail
/var/adm/fillup-templates/sysconfig.exim
%dir %attr(750,root,mail) /var/log/exim
-%if !%{?build_with_mysql:1}0
+%if !%{?build_with_mysql:1}0 !%{?build_with_pgsql:1}0
%files -n eximon
%defattr(-,root,root)
++ exim-4.12-tail.patch ++
--- /var/tmp/diff_new_pack.vNkVTj/_old 2011-04-21 13:24:15.0 +0200
+++ /var/tmp/diff_new_pack.vNkVTj/_new 2011-04-21 13:24:15.0 +0200
@@ -1,3 +1,8 @@
+From: Ruediger Oertel ro at suse dot de
+Subject: fix deprecated tail call syntax (-1)
+Reported-Upstream: Yes
+Bugtracker: bugs.exim.org 1080
+
Index: scripts/Configure-config.h
===
--- scripts/Configure-config.h.orig
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
