exim4_4.93-13~bpo10+1_multi.changes ACCEPTED into buster-backports
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Wed Mar 25 17:19:30 GMT 2020
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Mar 2020 18:27:33 +0100
Source: exim4
Architecture: source
Version: 4.93-13~bpo10+1
Distribution: buster-backports
Urgency: critical
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers at lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler at debian.org>
Closes: 399930 611085 780033 823831 885149 927280 927741 932328 933231 942292 943006 944060 944199 944786 945943 949034 950973 952451
Changes:
exim4 (4.93-13~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
.
exim4 (4.93-13) unstable; urgency=medium
.
* Update from exim-4.93+fixes:
+ 74_29-Fix-mime_part_count-for-non-mime-message-on-multi-me.patch
+ 74_31-Taint-track-in-utf8clean-operator.patch
+ 74_32-Fix-spurious-detection-of-timeout-while-writing-to-t.patch
+ 74_33-Fix-segfault-on-bad-cmdline-f-sender-argument.-Bug-2.patch
* [lintian] Move eximon.bin from /usr/lib/exim4 to /usr/libexec/exim4.
.
exim4 (4.93-12) unstable; urgency=low
.
* Update from exim-4.93+fixes:
+ 74_28-Fix-tr-expansion-item.-Bug-2533.patch
* Recover more gracefull from half installed state after trying to install
without util-linux (essential) installed. Closes: #952451 (Thanks, James
Le Cuirot for the patch)
* Use macro ("ROUTER_DNSLOOKUP_IGNORE_TARGET_HOSTS") for ignore_target_hosts
list setting on dnslookup router. Extend list by corresponding IPv6
entries (Thanks, C Snover) Closes: #950973
* Add REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE to allow setting headers_remove
on both remote_smtp and remote_smtp_smarthost transports. Closes: #927741
.
exim4 (4.93-11) unstable; urgency=medium
.
* Update from exim-4.93+fixes:
+ 74_26-Auths-fix-cyrus-sasl-driver-for-gssapi-use.-Bug-2524.patch
+ 74_27-GnuTLS-fix-hanging-callout-connections.patch
.
exim4 (4.93-10) unstable; urgency=medium
.
* Refresh debian/upstream/signing-key.asc from
https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
* Update from exim-4.93+fixes:
+ 74_23-Fix-taint-hybrid-checking-on-BSD.patch
+ 74_24-TFO-even-in-binary-built-for-modern-Linux-handle-err.patch
+ 74_25-Taint-slow-mode-checking-only.patch
.
exim4 (4.93-9) unstable; urgency=medium
.
* Add 74_22-Taint-hybrid-checking-mode.patch.
.
exim4 (4.93-8) unstable; urgency=medium
.
* Refresh debian/upstream/signing-key.asc from
https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
* More updates from exim-4.93+fixes:
+ 74_19-SPF-fix-result-for-case-of-only-non-spf-TXT-RRs.-Bug.patch
+ 74_20-Fix-error-logging-for-dynamically-loaded-modules.-Bu.patch
+ 74_21-heimdal-auth-fix-the-increase-of-big_buffer-size.-Bu.patch
Closes: #949034
.
exim4 (4.93-7) unstable; urgency=medium
.
* README.Debian: Expand a little bit on how macros work. (See #948308)
* Upload to unstable.
.
exim4 (4.93-6) experimental; urgency=low
.
* Improve on reproducible build, set EXIM_ARCHTYPE=DEB_TARGET_GNU_CPU to
override/avoid CPU detection with uname -m.
* More updates from exim-4.93+fixes:
74_18-SPF-fix-handling-mix-of-spf-and-other-txt-records.-B.patch
* Polish debian/rules. (Use CURDIR instead of executing `pwd`, avoid :=
assignments with $(shell).
* Build with SMTPUTF8 support. (SUPPORT_I18N_2008 and SUPPORT_I18N)
Closes: #885149
In configuration set smtputf8_advertise_hosts to '' instead of '*'.
.
exim4 (4.93-5) unstable; urgency=medium
.
* More updates from exim-4.93+fixes:
74_14-SPF-only-require-v-spf1-on-TXT-DNS-records-during-lo.patch
74_15-Eximon-fix-string-handling.-Bug-2500.patch
74_16-Fix-build-with-heimdal-gssapi.-Bug-2501.patch
74_17-Fix-the-variables-set-by-gsasl-authenticator.patch
.
exim4 (4.93-4) unstable; urgency=medium
.
* Improve on TLS info in README.Debian.
* More updates from exim-4.93+fixes:
74_10-DMARC-default-dmarc_tld_file-to-unset.-Bug-2494.patch
74_11-Zero-smtp-context-structure-after-allocation.patch
74_13-ARC-Reset-received-ARC-instance-counter-before-next-.patch
.
exim4 (4.93-3) unstable; urgency=medium
.
* More updates (4.93.0.3) from exim-4.93+fixes:
74_08-ARC-fix-crash-induced-by-misordered-headers.-Bug-249.patch
74_09-Fix-taint-issue-with-retry-records.-Bug-2492.patch
.
exim4 (4.93-2) unstable; urgency=medium
.
* Update to exim-4.93+fixes branch
74_01-PAM-fix-crash-in-the-pam-expansion-condition.-Bug-24.patch
74_02-Regard-command-line-recipients-as-tainted.patch
74_03-TFO-disable-for-FreeBSD.patch
74_04-Hurd-errno-really-uses-more-than-a-short-sized-value.patch
74_06-local_scan-align-local_scan.h-and-docs-re.-store_get.patch
74_07-Fix-taint-issue-in-transport-with-DSN.-Bug-2491.patch
.
exim4 (4.93-1) unstable; urgency=low
.
* Point watchfile to release directory again.
* New upstream version.
.
exim4 (4.93~RC7-1) unstable; urgency=low
.
* New upstream version.
+ Update md5 hash for upstream example configuration. (Change not relevant
for Debian)
* 75_01-Build-Enable-GNU-Hurd-Bug-2476.patch and
75_02-TFO-disable-for-FreeBSD.patch from upstream 4.next branch: Re-enable
build on GNU/hurd. (Thanks. Samuel Thibault) Closes: #945943
.
exim4 (4.93~RC5-1) unstable; urgency=low
.
* New upstream version.
+ Bump exim4-localscanap Provides.
.
exim4 (4.93~RC4-1) unstable; urgency=low
.
* New upstream version.
.
exim4 (4.93~RC3-1) unstable; urgency=low
.
* Drop (dead) link to openspf.org in rcpt ACL message string.
Closes: #944786
* New upstream version.
+ Unfuzz 90_localscan_dlopen.dpatch.
.
exim4 (4.93~RC2-1) unstable; urgency=low
.
* New upstream beta version.
+ Drop patches/75*.
* Allow overriding cron.daily paniclog report recipient. Closes: #611085
* Add REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES and
REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS to set tls_verify_certificates and
tls_verify_hosts respectively on the remote_smtp_smarthost transport.
Closes: #823831
In addition to that add REMOTE_SMTP_HOSTS_REQUIRE_TLS to set
hosts_require_tls for the remote_smtp transport. Closes: #780033
.
exim4 (4.93~RC1-4) unstable; urgency=low
.
* Add libnet-ssleay-perl dependency to "basic" autopkg test. We do not need
it yet but will forget for sure to add it when we do.
* Following upstream defaults do not disable incoming TLS by default - i.e.
if MAIN_TLS_ENABLE is not set - but use a self-signed certificate.
(Relevant upstream changes: tls_advertise_hosts defaults to * for TLS
builds since 4.87_JH/18, on-demand generation of self-signed certificate
for inbound SMTP since 4.88_JH/05, 4.93_JH/23 TLS enabled build by
default.)
* 75_02-Revert-preallocate-store-for-config-which-appears-to.patch: Fix
mismerge which triggered a test error on mipsel. Closes: #944060
.
exim4 (4.93~RC1-3) unstable; urgency=low
.
* 75_01-Dsearch-Fix-taint-handling-in-lookup.-Bug-2465.patch: Untaint
dsearch lookup. Closes: #944199
.
exim4 (4.93~RC1-2) unstable; urgency=low
.
* autopkg test: Drop (python2) test for ancient vulnerability and do some
basic testing with swaks instead. Closes: #943006
* Upload to unstable.
.
exim4 (4.93~RC1-1) experimental; urgency=low
.
* New upstream beta version.
+ Drop 75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch,
75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch and
75_03_Fix-local-scan-ABI.-Bug-2458.patch.
+ Update debian/example.conf.md5 (Removal of dnssec_request_domains was
already implemented in 4.93~RC0-1.)
* exigrep does case sensitive *option* processing (as it did for all
versions <4.90). Notably -M, -m, --invert, -I may be affected.
Closes: #927280
(This change was already present in RC0.)
.
exim4 (4.93~RC0-2) experimental; urgency=low
.
* 75_03_Fix-local-scan-ABI.-Bug-2458.patch: Fix function prototypes in
local_scan.h.
* 90_localscan_dlopen.dpatch: Unfuzz, mark
string_copy_function/string_copy_taint_function/string_copyn_function in
string.c as visible.
* Provide exim4-localscanapi-2.1.
* Drop sa-exim Breaks, the localscanapi version bump makes this superfluous.
.
exim4 (4.93~RC0-1) experimental; urgency=low
.
* Point watchfile to test-subdirectory.
* New upstream beta version.
+ Drop debian/patches/7[56]*.
+ Unfuzz 90_localscan_dlopen.dpatch.
+ Unfuzz/update (explicit -lnsl) debian/EDITME*
+ Update configuration, mirorring upstream changes.
Both dnssec_request_domains and hosts_try_dane now default to '*', drop
these settings. REMOTE_SMTP_DISABLE_DANE is a noop, now.
+ Exim DH param configuration (tls_dhparam) now makes use of the current
GnuTLS (> 3.6) functionality, which implements rfc 7919. Drop
unnecessary packaging bits.
+ Pull post release fix from upstream GIT
(75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch) to fix build error
with HAVE_LOCAL_SCAN=yes.
+ Update 90_localscan_dlopen.dpatch to #include documented interface
(local_scan.h) instead of exim.h.
* debian/rules: Do not try to build -heavy if -light failed.
* 75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch:
Post-release hix from upstream GIT.
https://bugs.exim.org/show_bug.cgi?id=2454
* The localscan dlopen functionality is broken, (temporarily) drop
exim4-localscanapi-2.0 from Provides.
.
exim4 (4.92.3-1) unstable; urgency=medium
.
* Fix (commented) examples in configuration for clamd and courier authdaemon
to refer to /run instead of /var/run. Closes: #942292
* While we are at it also fix exim pid file path in exim(8).
* New upstream version (identical to 4.92.2 +
75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch, i.e.
4.92.2-3).
* Use patches from exim-4.92.3+fixes, add
75_36-Fix-errorcheck-in-smtp-transport.patch.
* [lintian] Set Rules-Requires-Root: binary-targets.
.
exim4 (4.92.2-3) unstable; urgency=critical
.
* 75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch: Fix buffer
overflow in string_vformat. CVE-2019-16928
.
exim4 (4.92.2-2) unstable; urgency=medium
.
* Upload to unstable.
.
exim4 (4.92.2-1) experimental; urgency=medium
.
* New upstream security release (identical except for the version number to
4.92.1 + 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch).
+ Drop 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch.
* Refresh from exim-4.92.2+fixes branch:
+ 75_32-Fix-domain-for-a-bare-local-part-input.-Bug-2375.patch
+ 75_33-exim_dbmbuild-handle-0-sequence.patch
+ 75_34-fixup-exim_dbmbuild-handle-0-sequence.patch
.
exim4 (4.92.1-3) unstable; urgency=high
.
* 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch - Fix SNI
related buffer overflow. CVE-2019-15846
.
exim4 (4.92.1-2) unstable; urgency=medium
.
* Pulled from exim-4.92+fixes branch:
+ 75_30-Fix-crash-after-TLS-channel-shutdown.patch
+ 75_31-Auth-handle-socket-read-errors-in-Dovecot-authentica.patch
* Add Breaks: sa-exim (<< 4.2.1-17) to -heavy, see #930648.
* Change *.logrotate to nocreate to work around #400198.
Closes: #399930
.
exim4 (4.92.1-1) unstable; urgency=low
.
* New upstream bugfix release. (4.92.1 is 4.92 + the fix for CVE-2019-13917,
so there are no source changes to the previous upload.)
+ Drop 77_Avoid-re-expansion-in-sort-CVE-2019-13917-OVE-201907.patch.
+ Use patches from exim-4.92.1+fixes branch.
* In cron.daily use '/usr/sbin/exim4 -be '${primary_hostname}' instead of
hostname --fqdn to get local hostname (for information purposes).
Closes: #933231
* Run exim4-base daily job via systemd.timer to guarantee execution before
logrotate. Closes: #932328 (Thanks to Sven Hartge for bug-report and
patch)
* Add systemd-sysv as alternative for fulfilling the cron dependency.
* Use debhelper 12 compat.
Checksums-Sha1:
d4cd92018cc49bf5529f004ccd187a9f67db30f4 2911 exim4_4.93-13~bpo10+1.dsc
d953d3da1d73abeb68a858fde777b2025b165c02 490060 exim4_4.93-13~bpo10+1.debian.tar.xz
Checksums-Sha256:
138acfc744f124fea1c243bc5f67ade8d12fec7e9f9ac33253015df022bbbf53 2911 exim4_4.93-13~bpo10+1.dsc
6a445a18e846812e5f5e74f387ae7b0e7324801b0408d38c8486526e92543927 490060 exim4_4.93-13~bpo10+1.debian.tar.xz
Files:
ed61b96b786c2a1713908de51627216a 2911 mail standard exim4_4.93-13~bpo10+1.dsc
4a2b02eb5eb34cb3f78e3470f563d40b 490060 mail standard exim4_4.93-13~bpo10+1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAl56RRgACgkQpU8BhUOC
FISG8w//QtDy74m9xyAHW5FCrACrWVH/Xn+DdMcgvb5CoK9RYKScXxZc59+tdavE
CpEKyau9JOfYlQtyVrz8X9qJSo3EeJJD/pPGYI4UFStdUgatAq3EU5x9yk7VN+YP
LGwi1MFEBxhUMlhJcOLrFpQEvjB0sHXL4GsTNautwCW7yyKuQ1t5mm0uUl4PxG+q
Y5kUVis2hS1Doze0d9X1otpxfZo9LU2oPBp3O25gaywP2YPniRBHqitr+NUXNTKz
4tMbpQ6iCAeYsV1y/5WZfefVMlUqumcFy34XcbNvQD7N4GWzTaXpeeJVFBHQfZwp
TabPBPiEt+17/k+WXiVua0jEPiSd7sxH5XYQGkMsfVHPadQgcpyPVpkVt7V/NtlI
dQ1PzA9VAo+6FlAKX8qOmz5vgWEsRyUXs9/1ZxcuB0whle1ucPjapzDUSjelLnSi
IgMtXdiVo+nNMSnbuznTRWSQ2myZXGWx2KUXspZkagEbnesFRcHGxEZpUIlnTEFb
o00L5DLK52x+dL9qQD68ZOCBJ1K/PC9gcyoFTjMSAPcIv1b7x+gmP43oziYKNroi
DIlz7wNFHD5SvOvt/kRn+CV8OghCAANDba2VzpTKM22fUgflQ1826uZlnFr/DJWz
BhNQo1DEuSYGOu2ZdGSp3b2u8SU+UADF/MVZVrNaAkqJ/MkZZ+8=
=ASwk
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-exim4-maintainers
mailing list