Bug#826646: Incorrect handling with initial_cwd variable

Серж ИвановЪ evasive.gyron at gmail.com
Tue Jun 7 12:16:59 UTC 2016

Package: exim4
Priority: standard
Version: 4.80

Currently exim4 debian package handles CWD parameter not correctly.

This fix introduced security patch to store CWD into additional variable
named initial_cwd and it was applied in debian exim packages.

Before this security fix (Bug 1805), upstream introduced some additional
changes to CWD handling code, this fix was not applied by debian package

Current behavior overrides CWD BEFORE any CWD handling could occur.

Uchdir("/") occurs before initial_cwd reads current working directory.

This bug applies to exim in stable and oldstable distribution.

This bug can be reproduced by adding this code "warn logwrite =
$initial_cwd" into acl_not_smtp_start config section

While sending email using plain sendmail, exim4 mail.log has to contain
initial working directory of calling process but instead it contains
already chrooted patch "/"

This is a serious bug, it breaks logic of many spam handling software and
should be fixed soon.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-exim4-maintainers/attachments/20160607/21d01b0b/attachment.html>

More information about the Pkg-exim4-maintainers mailing list