RFH exim localscan dlopen patch stopped working with exim 4.93 (RC0)

Andreas Metzler ametzler at bebt.de
Sat Oct 26 17:12:13 BST 2019

On 2019-10-20 Andreas Metzler <ametzler at bebt.de> wrote:
> Hello,

> I have just uploaded exim4 4.93~RC0-1 to experimental.

> Due to 

> | JH/32 Introduce a general tainting mechanism for values read from the
> |     input channel, and values derived from them. Refuse to expand any
> |     tainted values, to catch one form of exploit.

> the localscan dlopen patch does not work anynmore with exim 4.93 RC0.
> I think sa-exim.c needs to be built with -DLOCAL_SCAN but that does
> improve things significantly.

> For the time being I have removed exim4-localscanapi-2.0 from Provides.

Fixing (now obvious) errors on exim's side
https://bugs.exim.org/show_bug.cgi?id=2458 sa-exim builds again with

cu Andreas

`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-exim4-maintainers mailing list