exim4_4.93-12~bpo10+1_amd64.changes ACCEPTED into buster-backports, buster-backports
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Mar 9 10:00:22 GMT 2020
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 01 Mar 2020 11:10:05 +0100
Source: exim4
Binary: exim4 exim4-base exim4-base-dbgsym exim4-config exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym
Architecture: source amd64 all
Version: 4.93-12~bpo10+1
Distribution: buster-backports
Urgency: critical
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers at lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler at debian.org>
Description:
exim4 - metapackage to ease Exim MTA (v4) installation
exim4-base - support files for all Exim MTA (v4) packages
exim4-config - configuration for the Exim MTA (v4)
exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
exim4-daemon-light - lightweight Exim MTA (v4) daemon
exim4-dev - header files for the Exim MTA (v4) packages
eximon4 - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 399930 611085 780033 823831 885149 927280 927741 929626 929798 930519 932328 933231 942292 943006 944060 944199 944786 945943 949034 950973 952451
Changes:
exim4 (4.93-12~bpo10+1) buster-backports; urgency=low
.
* Rebuild for buster-backports.
.
exim4 (4.93-12) unstable; urgency=low
.
* Update from exim-4.93+fixes:
+ 74_28-Fix-tr-expansion-item.-Bug-2533.patch
* Recover more gracefull from half installed state after trying to install
without util-linux (essential) installed. Closes: #952451 (Thanks, James
Le Cuirot for the patch)
* Use macro ("ROUTER_DNSLOOKUP_IGNORE_TARGET_HOSTS") for ignore_target_hosts
list setting on dnslookup router. Extend list by corresponding IPv6
entries (Thanks, C Snover) Closes: #950973
* Add REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE to allow setting headers_remove
on both remote_smtp and remote_smtp_smarthost transports. Closes: #927741
.
exim4 (4.93-11) unstable; urgency=medium
.
* Update from exim-4.93+fixes:
+ 74_26-Auths-fix-cyrus-sasl-driver-for-gssapi-use.-Bug-2524.patch
+ 74_27-GnuTLS-fix-hanging-callout-connections.patch
.
exim4 (4.93-10) unstable; urgency=medium
.
* Refresh debian/upstream/signing-key.asc from
https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
* Update from exim-4.93+fixes:
+ 74_23-Fix-taint-hybrid-checking-on-BSD.patch
+ 74_24-TFO-even-in-binary-built-for-modern-Linux-handle-err.patch
+ 74_25-Taint-slow-mode-checking-only.patch
.
exim4 (4.93-9) unstable; urgency=medium
.
* Add 74_22-Taint-hybrid-checking-mode.patch.
.
exim4 (4.93-8) unstable; urgency=medium
.
* Refresh debian/upstream/signing-key.asc from
https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
* More updates from exim-4.93+fixes:
+ 74_19-SPF-fix-result-for-case-of-only-non-spf-TXT-RRs.-Bug.patch
+ 74_20-Fix-error-logging-for-dynamically-loaded-modules.-Bu.patch
+ 74_21-heimdal-auth-fix-the-increase-of-big_buffer-size.-Bu.patch
Closes: #949034
.
exim4 (4.93-7) unstable; urgency=medium
.
* README.Debian: Expand a little bit on how macros work. (See #948308)
* Upload to unstable.
.
exim4 (4.93-6) experimental; urgency=low
.
* Improve on reproducible build, set EXIM_ARCHTYPE=DEB_TARGET_GNU_CPU to
override/avoid CPU detection with uname -m.
* More updates from exim-4.93+fixes:
74_18-SPF-fix-handling-mix-of-spf-and-other-txt-records.-B.patch
* Polish debian/rules. (Use CURDIR instead of executing `pwd`, avoid :=
assignments with $(shell).
* Build with SMTPUTF8 support. (SUPPORT_I18N_2008 and SUPPORT_I18N)
Closes: #885149
In configuration set smtputf8_advertise_hosts to '' instead of '*'.
.
exim4 (4.93-5) unstable; urgency=medium
.
* More updates from exim-4.93+fixes:
74_14-SPF-only-require-v-spf1-on-TXT-DNS-records-during-lo.patch
74_15-Eximon-fix-string-handling.-Bug-2500.patch
74_16-Fix-build-with-heimdal-gssapi.-Bug-2501.patch
74_17-Fix-the-variables-set-by-gsasl-authenticator.patch
.
exim4 (4.93-4) unstable; urgency=medium
.
* Improve on TLS info in README.Debian.
* More updates from exim-4.93+fixes:
74_10-DMARC-default-dmarc_tld_file-to-unset.-Bug-2494.patch
74_11-Zero-smtp-context-structure-after-allocation.patch
74_13-ARC-Reset-received-ARC-instance-counter-before-next-.patch
.
exim4 (4.93-3) unstable; urgency=medium
.
* More updates (4.93.0.3) from exim-4.93+fixes:
74_08-ARC-fix-crash-induced-by-misordered-headers.-Bug-249.patch
74_09-Fix-taint-issue-with-retry-records.-Bug-2492.patch
.
exim4 (4.93-2) unstable; urgency=medium
.
* Update to exim-4.93+fixes branch
74_01-PAM-fix-crash-in-the-pam-expansion-condition.-Bug-24.patch
74_02-Regard-command-line-recipients-as-tainted.patch
74_03-TFO-disable-for-FreeBSD.patch
74_04-Hurd-errno-really-uses-more-than-a-short-sized-value.patch
74_06-local_scan-align-local_scan.h-and-docs-re.-store_get.patch
74_07-Fix-taint-issue-in-transport-with-DSN.-Bug-2491.patch
.
exim4 (4.93-1) unstable; urgency=low
.
* Point watchfile to release directory again.
* New upstream version.
.
exim4 (4.93~RC7-1) unstable; urgency=low
.
* New upstream version.
+ Update md5 hash for upstream example configuration. (Change not relevant
for Debian)
* 75_01-Build-Enable-GNU-Hurd-Bug-2476.patch and
75_02-TFO-disable-for-FreeBSD.patch from upstream 4.next branch: Re-enable
build on GNU/hurd. (Thanks. Samuel Thibault) Closes: #945943
.
exim4 (4.93~RC5-1) unstable; urgency=low
.
* New upstream version.
+ Bump exim4-localscanap Provides.
.
exim4 (4.93~RC4-1) unstable; urgency=low
.
* New upstream version.
.
exim4 (4.93~RC3-1) unstable; urgency=low
.
* Drop (dead) link to openspf.org in rcpt ACL message string.
Closes: #944786
* New upstream version.
+ Unfuzz 90_localscan_dlopen.dpatch.
.
exim4 (4.93~RC2-1) unstable; urgency=low
.
* New upstream beta version.
+ Drop patches/75*.
* Allow overriding cron.daily paniclog report recipient. Closes: #611085
* Add REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES and
REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS to set tls_verify_certificates and
tls_verify_hosts respectively on the remote_smtp_smarthost transport.
Closes: #823831
In addition to that add REMOTE_SMTP_HOSTS_REQUIRE_TLS to set
hosts_require_tls for the remote_smtp transport. Closes: #780033
.
exim4 (4.93~RC1-4) unstable; urgency=low
.
* Add libnet-ssleay-perl dependency to "basic" autopkg test. We do not need
it yet but will forget for sure to add it when we do.
* Following upstream defaults do not disable incoming TLS by default - i.e.
if MAIN_TLS_ENABLE is not set - but use a self-signed certificate.
(Relevant upstream changes: tls_advertise_hosts defaults to * for TLS
builds since 4.87_JH/18, on-demand generation of self-signed certificate
for inbound SMTP since 4.88_JH/05, 4.93_JH/23 TLS enabled build by
default.)
* 75_02-Revert-preallocate-store-for-config-which-appears-to.patch: Fix
mismerge which triggered a test error on mipsel. Closes: #944060
.
exim4 (4.93~RC1-3) unstable; urgency=low
.
* 75_01-Dsearch-Fix-taint-handling-in-lookup.-Bug-2465.patch: Untaint
dsearch lookup. Closes: #944199
.
exim4 (4.93~RC1-2) unstable; urgency=low
.
* autopkg test: Drop (python2) test for ancient vulnerability and do some
basic testing with swaks instead. Closes: #943006
* Upload to unstable.
.
exim4 (4.93~RC1-1) experimental; urgency=low
.
* New upstream beta version.
+ Drop 75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch,
75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch and
75_03_Fix-local-scan-ABI.-Bug-2458.patch.
+ Update debian/example.conf.md5 (Removal of dnssec_request_domains was
already implemented in 4.93~RC0-1.)
* exigrep does case sensitive *option* processing (as it did for all
versions <4.90). Notably -M, -m, --invert, -I may be affected.
Closes: #927280
(This change was already present in RC0.)
.
exim4 (4.93~RC0-2) experimental; urgency=low
.
* 75_03_Fix-local-scan-ABI.-Bug-2458.patch: Fix function prototypes in
local_scan.h.
* 90_localscan_dlopen.dpatch: Unfuzz, mark
string_copy_function/string_copy_taint_function/string_copyn_function in
string.c as visible.
* Provide exim4-localscanapi-2.1.
* Drop sa-exim Breaks, the localscanapi version bump makes this superfluous.
.
exim4 (4.93~RC0-1) experimental; urgency=low
.
* Point watchfile to test-subdirectory.
* New upstream beta version.
+ Drop debian/patches/7[56]*.
+ Unfuzz 90_localscan_dlopen.dpatch.
+ Unfuzz/update (explicit -lnsl) debian/EDITME*
+ Update configuration, mirorring upstream changes.
Both dnssec_request_domains and hosts_try_dane now default to '*', drop
these settings. REMOTE_SMTP_DISABLE_DANE is a noop, now.
+ Exim DH param configuration (tls_dhparam) now makes use of the current
GnuTLS (> 3.6) functionality, which implements rfc 7919. Drop
unnecessary packaging bits.
+ Pull post release fix from upstream GIT
(75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch) to fix build error
with HAVE_LOCAL_SCAN=yes.
+ Update 90_localscan_dlopen.dpatch to #include documented interface
(local_scan.h) instead of exim.h.
* debian/rules: Do not try to build -heavy if -light failed.
* 75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch:
Post-release hix from upstream GIT.
https://bugs.exim.org/show_bug.cgi?id=2454
* The localscan dlopen functionality is broken, (temporarily) drop
exim4-localscanapi-2.0 from Provides.
.
exim4 (4.92.3-1) unstable; urgency=medium
.
* Fix (commented) examples in configuration for clamd and courier authdaemon
to refer to /run instead of /var/run. Closes: #942292
* While we are at it also fix exim pid file path in exim(8).
* New upstream version (identical to 4.92.2 +
75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch, i.e.
4.92.2-3).
* Use patches from exim-4.92.3+fixes, add
75_36-Fix-errorcheck-in-smtp-transport.patch.
* [lintian] Set Rules-Requires-Root: binary-targets.
.
exim4 (4.92.2-3) unstable; urgency=critical
.
* 75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch: Fix buffer
overflow in string_vformat. CVE-2019-16928
.
exim4 (4.92.2-2) unstable; urgency=medium
.
* Upload to unstable.
.
exim4 (4.92.2-1) experimental; urgency=medium
.
* New upstream security release (identical except for the version number to
4.92.1 + 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch).
+ Drop 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch.
* Refresh from exim-4.92.2+fixes branch:
+ 75_32-Fix-domain-for-a-bare-local-part-input.-Bug-2375.patch
+ 75_33-exim_dbmbuild-handle-0-sequence.patch
+ 75_34-fixup-exim_dbmbuild-handle-0-sequence.patch
.
exim4 (4.92.1-3) unstable; urgency=high
.
* 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch - Fix SNI
related buffer overflow. CVE-2019-15846
.
exim4 (4.92.1-2) unstable; urgency=medium
.
* Pulled from exim-4.92+fixes branch:
+ 75_30-Fix-crash-after-TLS-channel-shutdown.patch
+ 75_31-Auth-handle-socket-read-errors-in-Dovecot-authentica.patch
* Add Breaks: sa-exim (<< 4.2.1-17) to -heavy, see #930648.
* Change *.logrotate to nocreate to work around #400198.
Closes: #399930
.
exim4 (4.92.1-1) unstable; urgency=low
.
* New upstream bugfix release. (4.92.1 is 4.92 + the fix for CVE-2019-13917,
so there are no source changes to the previous upload.)
+ Drop 77_Avoid-re-expansion-in-sort-CVE-2019-13917-OVE-201907.patch.
+ Use patches from exim-4.92.1+fixes branch.
* In cron.daily use '/usr/sbin/exim4 -be '${primary_hostname}' instead of
hostname --fqdn to get local hostname (for information purposes).
Closes: #933231
* Run exim4-base daily job via systemd.timer to guarantee execution before
logrotate. Closes: #932328 (Thanks to Sven Hartge for bug-report and
patch)
* Add systemd-sysv as alternative for fulfilling the cron dependency.
* Use debhelper 12 compat.
.
exim4 (4.92-10) unstable; urgency=high
.
* Fix remote command execution vulnerability related to
"${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006
.
exim4 (4.92-9) unstable; urgency=low
.
* exim4-base.cron.daily, paniclog warning mail:
+ Improve on wording. ${E4BCD_PANICLOG_LINES} only sets an upper limit
of reported lines, there might be less lines than that in the mail.
Closes: #929626
+ Instead of quoting the last ${E4BCD_PANICLOG_LINES} send out the last
lines not filtered out by "$E4BCD_PANICLOG_NOISE". Closes: #929798
* Add missing patches from exim-4.92+fixes branch, other patches renamed for
proper order.
+ 75_11-Fix-bP-smtp_receive_timeout-.-Bug-2384.patch
+ 75_12-Fix-build-with-recent-LibreSSL-when-including-DANE.-.patch
+ 75_13-SPF-better-buld-compatibility-with-OpenBSD.patch
+ 75_15-GnuTLS-3.6.7-cipher-strings.patch
+ 75_17-Fix-listing-a-named-queue-by-a-non-admin-user.-Bug-2.patch
+ 75_21-Unbreak-heimdal_gssapi-auth-driver.patch
+ 75_22-Fix-DSN-Final-Recipient-field.patch
+ 75_23-Fix-bounce-generation-under-RFC-3461-request.-Bug-24.patch
* 75_20-Fix-detection-of-32b-platform-at-build-time.-Bug-240.patch is now
also from + fixes branch.
* Tighten dependency of exim4 on daemon packages. Closes: #930519 Add
lintian override for version-substvar-for-external-package.
Checksums-Sha1:
ce7bcb61fbcc3a8d66672cf4a1c196a9280ca79b 2911 exim4_4.93-12~bpo10+1.dsc
7a8490a153395491229a11c5ac9b0df9a2aa4dde 488184 exim4_4.93-12~bpo10+1.debian.tar.xz
7fc10cd24d767a76d23039c673a9ba74e428c67e 211640 exim4-base-dbgsym_4.93-12~bpo10+1_amd64.deb
33bff5b7a274223eba2b6404402b67102bd33763 1152248 exim4-base_4.93-12~bpo10+1_amd64.deb
0a4fe417337adacfe14a0539a2818753afd32d9b 327960 exim4-config_4.93-12~bpo10+1_all.deb
b1288dbba8d767ef682f59c3297e72ccd313daae 1427456 exim4-daemon-heavy-dbgsym_4.93-12~bpo10+1_amd64.deb
73a88507e496a5f61d757e2f7d4a3b95c2750043 683196 exim4-daemon-heavy_4.93-12~bpo10+1_amd64.deb
ab7f3af735cd5ca7176dea378864140e0d051db5 1253600 exim4-daemon-light-dbgsym_4.93-12~bpo10+1_amd64.deb
89b41dfd96dbca11d936bfe36f604b98664724c9 625640 exim4-daemon-light_4.93-12~bpo10+1_amd64.deb
a031f8c0138ca801eb8c4b363016a798b46bc424 110832 exim4-dev_4.93-12~bpo10+1_amd64.deb
43a675c0f6e26f26db9f17ebd133f2ca92da4321 7188 exim4_4.93-12~bpo10+1_all.deb
101d2c2aeecee580d9b64d84f52c100e72c286e3 11195 exim4_4.93-12~bpo10+1_amd64.buildinfo
5e1b27a85e2b8e87a5d4f29a8b0b29449cf8d032 137880 eximon4-dbgsym_4.93-12~bpo10+1_amd64.deb
f53015ac26c810faefc7f03a6c6a8dfe1fd4e0d2 143460 eximon4_4.93-12~bpo10+1_amd64.deb
Checksums-Sha256:
2b88ffd20ab8abcd23fcaf58c2eb7d4315c31ef9f9ee0fd3210a6c4d6ea5eec1 2911 exim4_4.93-12~bpo10+1.dsc
618ee905ce06e2e8f5947dca0d3a073036f93c5cd99060d94a0187bd8564ee83 488184 exim4_4.93-12~bpo10+1.debian.tar.xz
6604863c389cdb6a25667a00e9df11a7badec9f14cf63c2efe4222a43e8a884f 211640 exim4-base-dbgsym_4.93-12~bpo10+1_amd64.deb
50240077d9f8361ae7a64817c44a8abb055bf03fb7ef7475518ca8579db4b3ba 1152248 exim4-base_4.93-12~bpo10+1_amd64.deb
c9c8e97f1cba2db1b147b9d5e062519fb6fb2b4ddf5a6a9a937a0c5e521fa1ae 327960 exim4-config_4.93-12~bpo10+1_all.deb
38f508b7f1ceeb132f408b1dd63dfce86e6138a14b4dd91f272271028ce90c49 1427456 exim4-daemon-heavy-dbgsym_4.93-12~bpo10+1_amd64.deb
198038f0e5bd72234363ebfa7ec248e234355c507270953eadeb6b27c74cd752 683196 exim4-daemon-heavy_4.93-12~bpo10+1_amd64.deb
9e811717c3330eedc23e4e04b432c74012950ea8be551d5c0de971890e01d448 1253600 exim4-daemon-light-dbgsym_4.93-12~bpo10+1_amd64.deb
ddbfd46925d6f9aa8b4bc7ebaf8754370f882bdffadc2ff032b154b789a3cf09 625640 exim4-daemon-light_4.93-12~bpo10+1_amd64.deb
e4d019404bc1db172eb1d86e9e876682b7054d80937da368b28b8e318f08c8b0 110832 exim4-dev_4.93-12~bpo10+1_amd64.deb
7f82ff1bcb799070d674b39b624138a1ce176a3e12afc4d924914944fb1e301c 7188 exim4_4.93-12~bpo10+1_all.deb
51bebb1e85f95118e662769ce85e414e0b263ad46e9fcb0840b5c065919282af 11195 exim4_4.93-12~bpo10+1_amd64.buildinfo
a75538d025902285554e5eb2e1731ba3c9acba160534cf26257dcc36cf8f2742 137880 eximon4-dbgsym_4.93-12~bpo10+1_amd64.deb
0b21b8b659885c28a335e8d8ce9a2c9da29986d063d6adcc0975824ae634c9f2 143460 eximon4_4.93-12~bpo10+1_amd64.deb
Files:
fe6be2f615ef1d668bb9ff166bdf93dc 2911 mail standard exim4_4.93-12~bpo10+1.dsc
0ea70e728a74a675af4d0228c31a533f 488184 mail standard exim4_4.93-12~bpo10+1.debian.tar.xz
9d8331c98536462b5fede6e24d43c371 211640 debug optional exim4-base-dbgsym_4.93-12~bpo10+1_amd64.deb
fa782c40dd3bf715c4c67028e8906a9c 1152248 mail optional exim4-base_4.93-12~bpo10+1_amd64.deb
b4dc49833b058d337a4649157fdf33eb 327960 mail optional exim4-config_4.93-12~bpo10+1_all.deb
39b858689dfa5a75e29f83405e93d05f 1427456 debug optional exim4-daemon-heavy-dbgsym_4.93-12~bpo10+1_amd64.deb
f749e301b76aac13d01ba3f789774f2a 683196 mail optional exim4-daemon-heavy_4.93-12~bpo10+1_amd64.deb
4312d52c0f4d0a25b641b15df9b1863e 1253600 debug optional exim4-daemon-light-dbgsym_4.93-12~bpo10+1_amd64.deb
a3b1c0f6eeb1289bf3584dc788c0f1ed 625640 mail optional exim4-daemon-light_4.93-12~bpo10+1_amd64.deb
9a56c5401e93ad15181b2609f1ee98b1 110832 mail optional exim4-dev_4.93-12~bpo10+1_amd64.deb
44b7b9a1ef4541b1e16172c352160ea7 7188 mail optional exim4_4.93-12~bpo10+1_all.deb
93cc0248fc5da77b7d7864ef9d733c37 11195 mail standard exim4_4.93-12~bpo10+1_amd64.buildinfo
e1720e0f152f62ae5735f82292ebf21a 137880 debug optional eximon4-dbgsym_4.93-12~bpo10+1_amd64.deb
ac55116d6e60a45c31f09fa2deefbb72 143460 mail optional eximon4_4.93-12~bpo10+1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAl5bjJUACgkQpU8BhUOC
FIQgpg//UMtuIihCwAd2dXEWrxGWY20NHajFD6nuuzCGQ9P+7mDrtvAJZ/wy9goI
IbcISD6q3EQ0Gc1VYqvDy+8MS3N0d7yoTWMBIrIZt8Xg4vAtPjBlUH2iwvkedXsv
I6EpxiQHDF6uU4vgdRwiHKf9xliFi5DXLkWvn2Hk/e8tGjLUo9oh4va6klBTtOQF
PYnPeP61reBn72OuDNHrwV5l0gB645jZ+1o8YTh/2EI/JHKhaNV/C/dKooqF2qwc
ORzhoIeB35R1OxHBAaORvA1X+vqATYx/4TsWg17jeLLzMRY2BRfcACUREvaml99D
q+JYdQFiDGBgR7xMQ+VSan5xOmS50CeoSCO4QRc2hRmDCOhPfsDqrj7Ti1fK9uQT
owmGhRCBoRki8B7mWMfiEuFHA/nbZxGAeu+CJR+MurAOQql3ZUY7kv69srbwND2t
7GL5OInk8mU05DcxjFWn8IF4yeXt1o6hle3K7TTYGk3Rmkqhhv1XufHBdzHulAO+
n0GFoJnzOyTpNRePjcU+2M7XvvE/8KexKnYhUEvGd+qcAYvUFxWiQt/RfDv9uE7l
VsowbWfQ3UEUGAM+tU/xhf0Yoafg090zIchuSDhKplOZ2BKLHq2kzzArJi4VzVqn
yU/sdbnPIsXiB3lkmDeXbhs+cpZ0RJLIfE0kiY05ldlQ1NZctIo=
=JQMK
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-exim4-maintainers
mailing list