From a18b5375210de8346eeb07f3078936174dc1ef60 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 5 Jan 2014 08:12:26 +0100 Subject: exim4_files -> exim4-config_files Correct title/name of exim4-config_files(5). (Thanks, Heiko Schlittermann) Closes: #734212 --- debian/changelog | 7 +++++++ debian/manpages/exim4-config_files.5 | 4 ++-- 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index ddd0cc0..c39573e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +exim4 (4.82-4) UNRELEASED; urgency=low + + * Correct title/name of exim4-config_files(5). (Thanks, Heiko Schlittermann) + Closes: #734212 + + -- Andreas Metzler Sun, 05 Jan 2014 08:09:42 +0100 + exim4 (4.82-3) unstable; urgency=low * Upload to unstable. diff --git a/debian/manpages/exim4-config_files.5 b/debian/manpages/exim4-config_files.5 index dc01d01..dc4a52c 100644 --- a/debian/manpages/exim4-config_files.5 +++ b/debian/manpages/exim4-config_files.5 @@ -2,7 +2,7 @@ .\" First parameter, NAME, should be all caps .\" Second parameter, SECTION, should be 1-8, maybe w/ subsection .\" other parameters are allowed: see man(7), man(1) -.TH EXIM4_FILES 5 "Jun 21, 2006" EXIM4 +.TH EXIM4-CONFIG_FILES 5 "Jan 5, 2014" EXIM4 .\" Please adjust this date whenever revising the manpage. .\" .\" Some roff macros, for reference: @@ -18,7 +18,7 @@ .\" \(oqthis text is enclosed in single quotes\(cq .\" \(lqthis text is enclosed in double quotes\(rq .SH NAME -exim4_files \- Files in use by the Debian exim4 packages +exim4-config_files \- Files in use by the Debian exim4 packages .SH SYNOPSIS .br /etc/aliases -- cgit v1.2.3 From d9c35eed3bbdd27eb93df070db40ee2147b6439d Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 9 Feb 2014 19:26:41 +0100 Subject: GNU/hurd does not support IPV6_TCLASS yet. 80_fix_ftbfs_hurd.diff by Samuel Thibault fixes FTBFS on GNU/hurd due to missing support for TCLASS. Closes: #738445 --- debian/changelog | 2 ++ debian/patches/80_fix_ftbfs_hurd.diff | 18 ++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 21 insertions(+) create mode 100644 debian/patches/80_fix_ftbfs_hurd.diff (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index c39573e..6ee97e6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,8 @@ exim4 (4.82-4) UNRELEASED; urgency=low * Correct title/name of exim4-config_files(5). (Thanks, Heiko Schlittermann) Closes: #734212 + * 80_fix_ftbfs_hurd.diff by Samuel Thibault fixes FTBFS on GNU/hurd due to + missing support for TCLASS. Closes: #738445 -- Andreas Metzler Sun, 05 Jan 2014 08:09:42 +0100 diff --git a/debian/patches/80_fix_ftbfs_hurd.diff b/debian/patches/80_fix_ftbfs_hurd.diff new file mode 100644 index 0000000..c2a5a29 --- /dev/null +++ b/debian/patches/80_fix_ftbfs_hurd.diff @@ -0,0 +1,18 @@ +Description: Fix FTBFS on hurd due to missing IPV6_TCLASS support. +Author: Samuel Thibault +Bug-Debian: http://bugs.debian.org/738445 +Origin: vendor +Forwarded: no +Last-Update: 2014-02-09 + +--- exim4-4.82.orig/src/ip.c ++++ exim4-4.82/src/ip.c +@@ -464,7 +464,7 @@ if (af == AF_INET) + *level = IPPROTO_IP; + *optname = IP_TOS; + } +-#if HAVE_IPV6 ++#if HAVE_IPV6 && defined(IPV6_TCLASS) + else if (af == AF_INET6) + { + *level = IPPROTO_IPV6; diff --git a/debian/patches/series b/debian/patches/series index 7cac351..bbb0dff 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,3 +11,4 @@ 75_unbind-ldap-connection.diff 76_fix_ldap_option_setting.diff 77_close-the-server-side-of-TLS.diff +80_fix_ftbfs_hurd.diff -- cgit v1.2.3 From bab098f38420a61d252ce56c2191229bf699f8ee Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 9 Feb 2014 19:39:50 +0100 Subject: Check gpg sig. Add debian/upstream-signing-key.pgp (listed in debian/source/include-binaries) and update watchfile to check upstream signature. --- debian/changelog | 3 +++ debian/source/include-binaries | 1 + debian/upstream-signing-key.pgp | Bin 0 -> 8884 bytes debian/watch | 3 ++- 4 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 debian/source/include-binaries create mode 100644 debian/upstream-signing-key.pgp (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 6ee97e6..7442881 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,9 @@ exim4 (4.82-4) UNRELEASED; urgency=low Closes: #734212 * 80_fix_ftbfs_hurd.diff by Samuel Thibault fixes FTBFS on GNU/hurd due to missing support for TCLASS. Closes: #738445 + * Add debian/upstream-signing-key.pgp (listed in + debian/source/include-binaries) and update watchfile to check + upstream signature. -- Andreas Metzler Sun, 05 Jan 2014 08:09:42 +0100 diff --git a/debian/source/include-binaries b/debian/source/include-binaries new file mode 100644 index 0000000..95a390b --- /dev/null +++ b/debian/source/include-binaries @@ -0,0 +1 @@ +debian/upstream-signing-key.pgp diff --git a/debian/upstream-signing-key.pgp b/debian/upstream-signing-key.pgp new file mode 100644 index 0000000..631e571 Binary files /dev/null and b/debian/upstream-signing-key.pgp differ diff --git a/debian/watch b/debian/watch index 27fb890..eac4c0a 100644 --- a/debian/watch +++ b/debian/watch @@ -1,2 +1,3 @@ -version=2 +version=3 +opts=pgpsigurlmangle=s/$/.asc/ \ http://ftp.exim.org/pub/exim/exim4/exim-(\d.*)\.(?:tgz|tar\.(?:gz|bz2|xz)) -- cgit v1.2.3 From 61c9fad80bde720d3958f6663988ee0e823c137d Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 9 Feb 2014 19:44:28 +0100 Subject: Upload to unstable. --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 7442881..fd898df 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -exim4 (4.82-4) UNRELEASED; urgency=low +exim4 (4.82-4) unstable; urgency=medium * Correct title/name of exim4-config_files(5). (Thanks, Heiko Schlittermann) Closes: #734212 @@ -8,7 +8,7 @@ exim4 (4.82-4) UNRELEASED; urgency=low debian/source/include-binaries) and update watchfile to check upstream signature. - -- Andreas Metzler Sun, 05 Jan 2014 08:09:42 +0100 + -- Andreas Metzler Sun, 09 Feb 2014 19:41:34 +0100 exim4 (4.82-3) unstable; urgency=low -- cgit v1.2.3 From 9111f58d1056eb692def9909e662c04851f682d1 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 9 Feb 2014 20:02:16 +0100 Subject: Mark 80_fix_ftbfs_hurd.diff as forwarded. --- debian/patches/80_fix_ftbfs_hurd.diff | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/patches/80_fix_ftbfs_hurd.diff b/debian/patches/80_fix_ftbfs_hurd.diff index c2a5a29..003e356 100644 --- a/debian/patches/80_fix_ftbfs_hurd.diff +++ b/debian/patches/80_fix_ftbfs_hurd.diff @@ -2,7 +2,7 @@ Description: Fix FTBFS on hurd due to missing IPV6_TCLASS support. Author: Samuel Thibault Bug-Debian: http://bugs.debian.org/738445 Origin: vendor -Forwarded: no +Forwarded: http://bugs.exim.org/show_bug.cgi?id=1441 Last-Update: 2014-02-09 --- exim4-4.82.orig/src/ip.c -- cgit v1.2.3 From a91772fceeac264f1c053871c8b55c8ed6356007 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Mon, 10 Feb 2014 18:28:43 +0100 Subject: Mark 80_fix_ftbfs_hurd.diff as applied upstream. --- debian/patches/80_fix_ftbfs_hurd.diff | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/patches/80_fix_ftbfs_hurd.diff b/debian/patches/80_fix_ftbfs_hurd.diff index 003e356..8119c95 100644 --- a/debian/patches/80_fix_ftbfs_hurd.diff +++ b/debian/patches/80_fix_ftbfs_hurd.diff @@ -2,7 +2,7 @@ Description: Fix FTBFS on hurd due to missing IPV6_TCLASS support. Author: Samuel Thibault Bug-Debian: http://bugs.debian.org/738445 Origin: vendor -Forwarded: http://bugs.exim.org/show_bug.cgi?id=1441 +Forwarded: http://git.exim.org/exim.git/commitdiff/bb7b9411e1b4f95418bed7b35035186e261063a6 Last-Update: 2014-02-09 --- exim4-4.82.orig/src/ip.c -- cgit v1.2.3 From d6f67f7e559879d56b7652e09d16c0f7a4b45738 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Wed, 12 Feb 2014 19:45:14 +0100 Subject: Upgrade to libdb5.3 Upgrade to libdb5.3-dev. Closes: #738637 Be paranoid and bump BDBVERSION in exim4-base.postinst from 3.0 (no idea why this did not read 5.1) to 5.3, therefore purging hints db on upgrades. --- debian/changelog | 8 ++++++++ debian/control | 2 +- debian/exim4-base.postinst | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index fd898df..3563765 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +exim4 (4.82-5) unstable; urgency=medium + + * Upgrade to libdb5.3-dev. Closes: #738637 Be paranoid and bump BDBVERSION + in exim4-base.postinst from 3.0 (no idea why this did not read 5.1) to + 5.3, therefore purging hints db on upgrades. + + -- Andreas Metzler Wed, 12 Feb 2014 19:31:55 +0100 + exim4 (4.82-4) unstable; urgency=medium * Correct title/name of exim4-config_files(5). (Thanks, Heiko Schlittermann) diff --git a/debian/control b/debian/control index 1bfac4a..d2958f2 100644 --- a/debian/control +++ b/debian/control @@ -11,7 +11,7 @@ Vcs-Git: git://anonscm.debian.org/pkg-exim4/exim4.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-exim4/exim4.git Build-Depends: debhelper (>= 7.0.15), po-debconf, docbook-xsl, xsltproc, lynx-cur | lynx, docbook-xml, libpcre3-dev, libldap2-dev, libpam0g-dev, - libident-dev, libdb5.1-dev, libxmu-dev, libxt-dev, libxext-dev, libx11-dev, + libident-dev, libdb5.3-dev, libxmu-dev, libxt-dev, libxext-dev, libx11-dev, libxaw7-dev, libpq-dev, libmysqlclient-dev | libmysqlclient15-dev, libsqlite3-dev, libperl-dev, libgnutls-dev, libsasl2-dev XS-Testsuite: autopkgtest diff --git a/debian/exim4-base.postinst b/debian/exim4-base.postinst index 9c5e57e..66e9a1a 100644 --- a/debian/exim4-base.postinst +++ b/debian/exim4-base.postinst @@ -10,7 +10,7 @@ fi db_version 2.0 -BDBVERSION=3.0 +BDBVERSION=5.3 case "$1" in configure) -- cgit v1.2.3 From d03370f79a6a592d56e9d68874e0a61b1ab0a85a Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Tue, 25 Feb 2014 19:15:59 +0100 Subject: autopkgtest invokes python, add dependeny. debian/tests/control: Add missing python test dependency, as debian/tests/security calls python. Closes: #740092 --- debian/changelog | 8 ++++++++ debian/tests/control | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 3563765..c3fe7ae 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +exim4 (4.82-6) UNRELEASED; urgency=medium + + [ Martin Pitt ] + * debian/tests/control: Add missing python test dependency, as + debian/tests/security calls python. Closes: #740092 + + -- Andreas Metzler Tue, 25 Feb 2014 19:14:21 +0100 + exim4 (4.82-5) unstable; urgency=medium * Upgrade to libdb5.3-dev. Closes: #738637 Be paranoid and bump BDBVERSION diff --git a/debian/tests/control b/debian/tests/control index 21b2149..0e64126 100644 --- a/debian/tests/control +++ b/debian/tests/control @@ -1,3 +1,3 @@ Tests: daemon security -Depends: exim4 +Depends: exim4, python Restrictions: needs-root -- cgit v1.2.3 From 6a56948c0f4f81664084d913dc5c2853f5877c42 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sat, 5 Apr 2014 14:21:19 +0200 Subject: Build against GnuTLS v3. Now that GMP has been relicensed to LGPLv3+/GPLv2+ build exim against GnuTLS v3. --- debian/changelog | 8 ++++++-- debian/control | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index c3fe7ae..bcf3536 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,10 +1,14 @@ -exim4 (4.82-6) UNRELEASED; urgency=medium +exim4 (4.82-6) experimental; urgency=medium [ Martin Pitt ] * debian/tests/control: Add missing python test dependency, as debian/tests/security calls python. Closes: #740092 - -- Andreas Metzler Tue, 25 Feb 2014 19:14:21 +0100 + [ Andreas Metzler ] + * Now that GMP has been relicensed to LGPLv3+/GPLv2+ build exim against + GnuTLS v3. + + -- Andreas Metzler Sat, 05 Apr 2014 14:18:11 +0200 exim4 (4.82-5) unstable; urgency=medium diff --git a/debian/control b/debian/control index d2958f2..b963e69 100644 --- a/debian/control +++ b/debian/control @@ -13,7 +13,7 @@ Build-Depends: debhelper (>= 7.0.15), po-debconf, docbook-xsl, xsltproc, lynx-cur | lynx, docbook-xml, libpcre3-dev, libldap2-dev, libpam0g-dev, libident-dev, libdb5.3-dev, libxmu-dev, libxt-dev, libxext-dev, libx11-dev, libxaw7-dev, libpq-dev, libmysqlclient-dev | libmysqlclient15-dev, - libsqlite3-dev, libperl-dev, libgnutls-dev, libsasl2-dev + libsqlite3-dev, libperl-dev, libgnutls28-dev, libsasl2-dev XS-Testsuite: autopkgtest Package: exim4-base -- cgit v1.2.3 From 741bdecec7efeaca47bf505185dd55adb4fb2aaa Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 6 Apr 2014 08:49:31 +0200 Subject: Bump exim4-base's dep on exim4-config to >= 4.82. 4.82 deprecated $tls_bits, $tls_certificate_verified, $tls_cipher, $tls_peerdn, $tls_sni and introduced tls_in_*/tls_out_* variants of these variables which describe the respective status of the current incoming or outgoing TLS connection. The rationale for this is that a single exim process can now use both an incoming (message reception) and outgoing TLS connection (callout or cutthrough delivery) concurrently. With this change the "old" variables were mapped to tls_in_*, i.e. they expand to empty values on outgoing connections. (This is not yet documented.) Outgoing tls-connections can therefore not be detected by nonempty $tls_cipher anymore. exim4-config << 4.82 used this mechanism to prevent sending of plaintext AUTH information on unencrypted connections. Force a lockstep upgrade of exim4-config by bumping the version of exim4-base's dependency on exim4-config to >= 4.82. Closes: #742901, #736081 --- debian/changelog | 20 ++++++++++++++++++-- debian/control | 2 +- 2 files changed, 19 insertions(+), 3 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index c3fe7ae..2a4798f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,10 +1,26 @@ -exim4 (4.82-6) UNRELEASED; urgency=medium +exim4 (4.82-7) unstable; urgency=high [ Martin Pitt ] * debian/tests/control: Add missing python test dependency, as debian/tests/security calls python. Closes: #740092 - -- Andreas Metzler Tue, 25 Feb 2014 19:14:21 +0100 + [ Andreas Metzler ] + * 4.82 deprecated $tls_bits, $tls_certificate_verified, $tls_cipher, + $tls_peerdn, $tls_sni and introduced tls_in_*/tls_out_* variants of these + variables which describe the respective status of the current incoming or + outgoing TLS connection. The rationale for this is that a single exim + process can now use both an incoming (message reception) and outgoing + TLS connection (callout or cutthrough delivery) concurrently. With this + change the "old" variables were mapped to tls_in_*, i.e. they expand to + empty values on outgoing connections. (This is not yet documented.) + Outgoing tls-connections can therefore not be detected by nonempty + $tls_cipher anymore. exim4-config << 4.82 used this mechanism to prevent + sending of plaintext AUTH information on unencrypted connections. Force a + lockstep upgrade of exim4-config by bumping the version of exim4-base's + dependency on exim4-config to >= 4.82. + Closes: #742901, #736081 + + -- Andreas Metzler Sun, 06 Apr 2014 08:32:11 +0200 exim4 (4.82-5) unstable; urgency=medium diff --git a/debian/control b/debian/control index d2958f2..9fd2007 100644 --- a/debian/control +++ b/debian/control @@ -23,7 +23,7 @@ Breaks: exim4-daemon-light (<<${Upstream-Version}), exim4-daemon-custom (<<${Upstream-Version}) Conflicts: exim, exim-tls Replaces: exim, exim-tls, exim4-daemon-light, exim4-daemon-heavy, exim4-daemon-custom -Depends: ${shlibs:Depends}, ${misc:Depends}, cron | fcron, exim4-config (>=4.30) | exim4-config-2, adduser, netbase, lsb-base (>= 3.0-6) +Depends: ${shlibs:Depends}, ${misc:Depends}, cron | fcron, exim4-config (>=4.82) | exim4-config-2, adduser, netbase, lsb-base (>= 3.0-6) # psmisc just for exiwhat. Recommends: psmisc, mailx, perl-modules Suggests: mail-reader, eximon4, exim4-doc-html|exim4-doc-info, -- cgit v1.2.3 From cbd6042c377a546f75d3bf8e06314dd33158de4b Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sat, 12 Apr 2014 16:22:47 +0200 Subject: Rebuild against GnuTLS v3. --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 6829deb..5b68063 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +exim4 (4.82-8) unstable; urgency=medium + + * Now that GMP has been relicensed to LGPLv3+/GPLv2+ build exim against + GnuTLS v3. + + -- Andreas Metzler Sat, 12 Apr 2014 16:19:05 +0200 + exim4 (4.82-7) unstable; urgency=high [ Martin Pitt ] -- cgit v1.2.3 From e2e82582f8f34dd7809129a50783c1cd4bb0a1c2 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Sun, 20 Apr 2014 08:01:36 +0200 Subject: Delete unapplied patch 65_saverandomseed.dpatch Drop 65_saverandomseed.dpatch from source. It was never applied in a binary upload and is useless with gnutls v3 (nettle instad of gcrypt). --- debian/patches/65_saverandomseed.dpatch | 73 --------------------------------- 1 file changed, 73 deletions(-) delete mode 100755 debian/patches/65_saverandomseed.dpatch (limited to 'debian') diff --git a/debian/patches/65_saverandomseed.dpatch b/debian/patches/65_saverandomseed.dpatch deleted file mode 100755 index d16c1d7..0000000 --- a/debian/patches/65_saverandomseed.dpatch +++ /dev/null @@ -1,73 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 65_saverandomseed.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Save gcrypt RNG seed. - -diff -NurbBp exim.orig/src/tls-gnu.c exim/src/tls-gnu.c ---- exim.orig/src/tls-gnu.c 2009-11-15 12:17:32.000000000 +0100 -+++ exim/src/tls-gnu.c 2009-11-15 12:38:30.000000000 +0100 -@@ -20,6 +20,7 @@ functions from the GnuTLS library. */ - #include - #include - -+#include - - #define UNKNOWN_NAME "unknown" - #define DH_BITS 2048 -@@ -443,10 +444,35 @@ tls_init(host_item *host, uschar *certif - uschar *crl) - { - int rc; -+uschar filename[200]; - uschar *cert_expanded, *key_expanded, *cas_expanded, *crl_expanded; -+gcry_error_t gcr_rc; - - client_host = host; - -+/* initialize gcrypt explicitely */ -+gcry_check_version (NULL); -+ -+/* Use a random_seed file for gcrypt's RNG */ -+if (host_number_string != NULL) -+ { -+ if (!string_format(filename, sizeof(filename), "%s/random.seed%s", -+ spool_directory, host_number_string)) -+ return tls_error(US"overlong filename spool_directory/random.seedlocalhost_number", host, 0); -+ } -+else -+ { -+ if (!string_format(filename, sizeof(filename), "%s/random.seed", -+ spool_directory)) -+ return tls_error(US"overlong filename spool_directory/random.seed", host, 0); -+ } -+ -+gcr_rc = gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE,filename); -+if (gcr_rc) -+ return tls_error(US"Failure to set random_seed file", host, gcr_rc); -+ -+gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); -+ - rc = gnutls_global_init(); - if (rc < 0) return tls_error(US"tls-init", host, gnutls_strerror(rc)); - -@@ -1295,8 +1321,19 @@ Returns: nothing - void - tls_close(BOOL shutdown) - { -+gcry_error_t gcr_rc; -+ - if (tls_active < 0) return; /* TLS was not active */ - -+gcr_rc = gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); -+ -+if (gcr_rc) -+ { -+ DEBUG(D_tls) debug_printf( -+ "GCRYCTL_UPDATE_RANDOM_SEED_FILE failed: (%d): (%s)\n", -+ gcr_rc,gcry_strerror(gcr_rc)); -+ } -+ - if (shutdown) - { - DEBUG(D_tls) debug_printf("tls_close(): shutting down TLS\n"); -- cgit v1.2.3 From 2a8cc6135e41dc7c5607597ebdd5c205ff150e22 Mon Sep 17 00:00:00 2001 From: Andreas Metzler Date: Wed, 28 May 2014 19:17:13 +0200 Subject: exim 4.82.1 New upstream security release, fixing CVE-2014-2957. This is a remote code execution flaw in Exim version 4.82 (only) when built with DMARC support. Debian's binary packages are not built with DMARC support and therefore not vulnerable. However we want to fix this for people building their own binaries based on Debian's packaging. --- debian/changelog | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 5b68063..88ae476 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +exim4 (4.82.1-1) unstable; urgency=high + + * New upstream security release, fixing CVE-2014-2957. This is a remote + code execution flaw in Exim version 4.82 (only) when built with DMARC + support. Debian's binary packages are not built with DMARC support and + therefore not vulnerable. However we want to fix this for people building + their own binaries based on Debian's packaging. + + -- Andreas Metzler Wed, 28 May 2014 19:01:43 +0200 + exim4 (4.82-8) unstable; urgency=medium * Now that GMP has been relicensed to LGPLv3+/GPLv2+ build exim against -- cgit v1.2.3