author | Andreas Metzler <ametzler@debian.org> | 2011-01-29 13:41:20 +0000 |
---|---|---|
committer | Andreas Metzler <ametzler@debian.org> | 2011-01-29 13:41:20 +0000 |
commit | 61c49dca4f5b6aa30b4b4a638697d5aaec314e73 (patch) | |
tree | 42671e020710ead612ce6e20d2135191b863793d | |
parent | 07a25d591613afdc1eada41cfae8ca6518ad2a99 (diff) | |
download | exim4-61c49dca4f5b6aa30b4b4a638697d5aaec314e73.tar.gz |
Upload 4.72-5 to unstable
80_4.74_deliverylogging.patch (Pulled from upstream git): If a non-debug
daemon was invoked with a non-whitelisted macro, then logs from after
attempting delivery would be silently lost, including for successful
delivery. This log-loss bug was introduced as part of the security
lockdown for fixing CVE-2010-4345. Closes: #610611
svn path=/exim/trunk/; revision=2567
| mode | file | lines |
|---|---|---|
| -rw-r--r-- | debian/changelog | 10 |
| -rw-r--r-- | debian/patches/80_4.74_deliverylogging.patch | 29 |
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 37 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog index ba2d7c6..5b8e39f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,12 @@ -exim4 (4.72-5) UNRELEASED; urgency=low +exim4 (4.72-5) unstable; urgency=medium - * NOT RELEASED YET + * 80_4.74_deliverylogging.patch (Pulled from upstream git): If a non-debug + daemon was invoked with a non-whitelisted macro, then logs from after + attempting delivery would be silently lost, including for successful + delivery. This log-loss bug was introduced as part of the security + lockdown for fixing CVE-2010-4345. Closes: #610611 - -- Andreas Metzler <ametzler@debian.org> Sat, 22 Jan 2011 18:29:22 +0100 + -- Andreas Metzler <ametzler@debian.org> Sat, 29 Jan 2011 14:33:36 +0100 exim4 (4.72-4) unstable; urgency=medium diff --git a/debian/patches/80_4.74_deliverylogging.patch b/debian/patches/80_4.74_deliverylogging.patch new file mode 100644 index 0000000..d3569a8 --- /dev/null +++ b/debian/patches/80_4.74_deliverylogging.patch 
@@ -0,0 +1,29 @@ +From b7487bcec431809cb7fc3c2b42fcd607e43d37e7 Mon Sep 17 00:00:00 2001 +From: Phil Pennock <pdp@exim.org> +Date: Sun, 23 Jan 2011 05:44:45 -0500 +Subject: [PATCH 1/2] Bug 1071: fix delivery logging with untrusted macros. + +If dropping privileges for untrusted macros, we disabled normal logging +on the basis that it would fail; for the Exim run-time user, this is not +the case, and it resulted in successful deliveries going unlogged. + + +diff -NurBbp a/src/exim.c b/src/exim.c +--- a/src/exim.c 2011-01-29 14:20:00.000000000 +0100 ++++ b/src/exim.c 2011-01-29 14:20:37.000000000 +0100 +@@ -3426,9 +3426,13 @@ if (( + and should be used for any logging information because attempts to write + to the log will usually fail. To arrange this, we unset really_exim. However, + if no stderr is available there is no point - we might as well have a go +- at the log (if it fails, syslog will be written). */ ++ at the log (if it fails, syslog will be written). + +- if (log_stderr != NULL) really_exim = FALSE; ++ Note that if the invoker is Exim, the logs remain available. Messing with ++ this causes unlogged successful deliveries. */ ++ ++ if ((log_stderr != NULL) && (real_uid != exim_uid)) ++ really_exim = FALSE; + } + + /* Privilege is to be retained for the moment. It may be dropped later, diff --git a/debian/patches/series b/debian/patches/series index 0a7673e..a6c8da3 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -19,3 +19,4 @@ 80_4.73rc1_7_filter_D_option.patch 80_4.73rc1_8_updatedocumentation.patch 80_4.74_CVE-2011-0017.patch +80_4.74_deliverylogging.patch |
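Review bot: the debian/changelog hunk records `Closes: #610611` but not the upstream reference that the pulled patch carries in its own header (`Bug 1071`, commit `b7487bcec431809cb7fc3c2b42fcd607e43d37e7`); putting that next to "(Pulled from upstream git)" lets anyone auditing the CVE-2010-4345 follow-up verify provenance from the changelog alone, without opening the patch file.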
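Review bot: in the embedded src/exim.c hunk, the new test `if ((log_stderr != NULL) && (real_uid != exim_uid))` exempts exactly one caller, the Exim run-time user, from having `really_exim` cleared, but the added comment only says the logs "remain available" when the invoker is Exim and does not say why no other caller reaching this branch with a writable main log needs the same exemption. Since this sits on the privilege-drop path added for the CVE-2010-4345 lockdown, the reasoning should be written down so a later edit does not widen or narrow the uid test by accident; suggest extending the comment to something like `Only the Exim user keeps main-log access here; other untrusted callers cannot write the log and fall back to stderr (or syslog) as described above.`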
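Review bot: the debian/patches/series hunk adds only `80_4.74_deliverylogging.patch`, yet the upstream header inside that file reads `Subject: [PATCH 1/2] Bug 1071: fix delivery logging with untrusted macros.`; nothing in this commit says whether the second patch of that upstream pair is intentionally left out (or already covered by `80_4.74_CVE-2011-0017.patch`). A one-line note in the changelog entry or at the top of the patch file would keep a future refresh from silently missing the companion change.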