-
exim4 (4.76-2ubuntu1.1) oneiric-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via dns decode logic
- debian/patches/CVE-2012-5671.patch: adjust max length and validate
against it in src/pdkim/pdkim.h, src/dkim.c.
- CVE-2012-5671
-- Marc Deslauriers <email address hidden> Thu, 25 Oct 2012 08:27:56 -0400
-
exim4 (4.76-2ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
we want postfix to be the default.
exim4 (4.76-2) unstable; urgency=low
* debian/rules: Remove test/ and test-stamp on clean.
* Handle BerkeleyDB upgrades more gracefully. Instead of checking Debian
version numbers compare DB-version of old exim (stored by postinst in
/var/lib/exim4/berkeleydbvers.txt) with currently used DB-version
(hardcoded at build time in exim4-base.postinst).
* [exim4-base.postinst exim4-config.postinst] Do away with unnecessary
chowns by dropping them or limiting to upgrades from 4.30.
-- Stephane Graber <email address hidden> Mon, 30 May 2011 17:48:56 -0400
-
exim4 (4.76-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes (LP: #779391):
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
we want postfix to be the default.
exim4 (4.76-1) unstable; urgency=low
* New upstream version.
* Drop 80_match_isinlist.diff (included upstream).
exim4 (4.76~RC1-3) experimental; urgency=low
* 80_match_isinlist.diff pulled from upstream git.
exim4 (4.76~RC1-2) experimental; urgency=low
* Fix testsuite error.
* Disable verification of DKIM signatures if DC_minimaldns or the (newly
added) DISABLE_DKIM_VERIFY macro are set. Closes: #609764
* [lintian] Drop useless comments from debian/watch.
exim4 (4.76~RC1-1) experimental; urgency=low
* New upstream version.
* Drop superfluous patches. 80_ldap_require_cert-work.diff
81_negatebool.diff 82_dkimpercent.diff
* [Lintian] Fix grammar error in manpage (spelling-error-in-manpage
update-exim4defaults.8.gz allows to allows one to).
* [debian/minimaltest]: Added. Try to run a minimal functionality test after
building exim. (Currently only supported if the build-system has a
Debian-exim user.)
exim4 (4.75-3) unstable; urgency=high
* [debian/rules] Fix dependencies and targets, speeding up package build.
Previously everything was compiled twice.
* Patches pulled from upstream git:
+81_negatebool.diff Negating the $bool expansion condition did not work.
+82_dkimpercent.diff dkim sig logged to paniclog. Closes: #624670
(CVE-2011-1764)
-- Stephane Graber <email address hidden> Mon, 23 May 2011 12:37:30 -0400
-
exim4 (4.75-2ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
we want postfix to be the default.
exim4 (4.75-2) unstable; urgency=low
* clamav socket on Debian is clamd:/var/run/clamav/clamd.ctl, fix
configuration example accordingly. (Thanks, Roman V. Nikolaev)
Closes: #622111
* Use on libdb5.1-dev (instead of 4.8), zap hints db on upgrade from <=
4.75-1. Closes: #621388
* Enable hardening options. (Last difference to Ubuntu except for not being
the default-mta there.) Closes: #542726
exim4 (4.75-1) unstable; urgency=low
* New upstream version.
* 80_ldap_require_cert-work.diff Pulled from upstream git. The new
ldap_require_cert option would segfault if used.
exim4 (4.75~rc3-1) experimental; urgency=low
* New upstream version.
exim4 (4.75~rc2-1) experimental; urgency=low
* New upstream version.
+ Fixes exiqgrep "Line mismatch" error on messages without size info.
Closes: #528625
+ Restore default SIGPIPE handler for child_open_uid. Closes: #573779
* Enable verbose compilation.
exim4 (4.74-2) unstable; urgency=low
* Upload to unstable.
-- Stephane Graber <email address hidden> Fri, 06 May 2011 14:51:28 -0400
-
exim4 (4.74-1ubuntu1) natty; urgency=low
* Merge from debian experimental. Remaining changes: (LP: #713855)
- debian/patches/71_exiq_grep_error_on_messages_without_size.patch:
+ Improve handling of broken messages when "exim4 -bp" (mailq)
reports lines without size info. (Closes: #528625)
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
we want postfix to be the default.
- debian/{control,rules}: Add and enable hardened build for PIE.
(Closes: #542726)
* Update 71_exiq_grep_error_on_messages_without_size.patch to get way
which upstream has fixed it. Probably it can be dropped with next
upstream release.
* This upload fixes CVE: (LP: #708023)
- CVE-2011-0017
exim4 (4.74-1) experimental; urgency=low
* 4.74 release, should build on hurd again.
* Fix some lintian --pedantic issues: copyright-refers-to-symlink-license
maintainer-script-without-set-e debian-control-has-unusual-field-spacing
exim4 (4.74~rc2-1) experimental; urgency=low
* In spf example use spf-tools-perl's spfquery instead of the one from
libmail-spf-query-perl. Do not try to use unimplemented best-guess
support. Update Suggests accordingly. Closes: #608336
* Add headers in ACL by using the add_header modifier instead of "message".
(This modifier has been available since 4.61.) Closes: #609308
* New upstream version.
+ includes the fix for CVE-2011-0017
+ If a non-debug daemon was invoked with a non-whitelisted macro, then
logs from after attempting delivery would be silently lost, including
for successful delivery. This log-loss bug was introduced in 4.73
as part of the security lockdown. Closes: #610611
+ Update some patches.
-- Artur Rona <email address hidden> Wed, 09 Feb 2011 21:31:35 +0100
