Bug#893483: exim4-daemon-heavy: Please apply patch from upstream to fix DKIM log line corruption

Andreas Metzler ametzler at bebt.de
Mon Mar 19 17:34:27 UTC 2018 

Control: notfound -1 1
Control: found -1 4.89-1
Control: done -1 4.89-5

On 2018-03-19 "Martin A. Brooks" <martin at hinterlands.org> wrote:
> Package: exim4-daemon-heavy
> Version: 1
> Severity: important
> Tags: upstream

> Dear Maintainer,

> I am regularly seeing DKIM log line corruption on production systems.
> This is a known bug and a patch is available for it.  This patch does
> not appear to be applied to the current package version.

> The patch can be viewed here:

> http://goo.gl/1gz4q5

This was fixed in 4.89-5:
exim4 (4.89-5) unstable; urgency=medium

  * Update to exim-4_89+fixes branch:
    75_fixes_01-Start-exim-4_89-fixes-to-cherry-pick-some-commits-fr.patch
    75_fixes_02-Cleanup-prevent-repeated-use-of-p-oMr-to-avoid-mem-l.patch
    (replaces 79_CVE-2017-1000369.patch)
    75_fixes_03-Fix-log-line-corruption-for-DKIM-status.patch (replaces
    81_Fix-log-line-corruption-for-DKIM-status.patch)
    75_fixes_04-Openssl-disable-session-tickets-by-default-and-sessi.patch
    75_fixes_05-Transport-fix-smtp-under-combo-of-mua_wrapper-and-li.patch
    75_fixes_07-Openssl-disable-session-tickets-by-default-and-sessi.patch
    75_fixes_08-Transport-fix-smtp-under-combo-of-mua_wrapper-and-li.patch
    75_fixes_09-Use-the-BDB-environment-so-that-a-database-config-fi.patch
    (CVE-2017-10140)
    75_fixes_10-Fix-cache-cold-random-callout-verify.-Bug-2147.patch
    75_fixes_11-On-callout-avoid-SIZE-every-time-but-noncacheable-rc.patch
    75_fixes_12-Fix-build-for-earlier-version-Berkeley-DB.patch
  * Simplify debian/rules by including buildflags.mk unconditionally which was
    introduced in dpkg 1.16.1 released in October 2011.
  * Use pkg-info.mk to get package-version, upstream-version and
    SOURCE_DATE_EPOCH. For the latter fall back to current time if it is not
    provided by pkg-info.mk.
  * [lintian] In *daemon.postinst use which certtool instead of
    [ -x /usr/bin/certtool ] to check for availablility of the command.

 -- Andreas Metzler <ametzler at debian.org>  Thu, 10 Aug 2017 10:17:05 +0200

cu Andreas


-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-exim4-maintainers mailing list