[packages/exim] - up to 4.83; enable dsn, proxy; fixes CVE-2014-2957, CVE-2014-2972

arekm arekm at pld-linux.org
Wed Jul 23 07:09:59 CEST 2014 

commit 7575719702427ca5550b840dfdf3abfca7e208d1
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Wed Jul 23 07:09:55 2014 +0200

    - up to 4.83; enable dsn, proxy; fixes CVE-2014-2957, CVE-2014-2972

 exim-bug-659.patch | 87 ------------------------------------------------------
 exim.spec          | 20 ++++++-------
 2 files changed, 10 insertions(+), 97 deletions(-)
---
diff --git a/exim.spec b/exim.spec
index 6b6dd1d..cf15054 100644
--- a/exim.spec
+++ b/exim.spec
@@ -11,7 +11,7 @@
 %bcond_without	dynamic # dynamic modules
 %bcond_without	hiredis # without redis
 %bcond_without	ocsp	# without experimental OCSP
-%bcond_with	dsn	# DSN
+%bcond_without	dsn	# DSN
 
 %if "%{pld_release}" == "ac"
 # requires openssl SNI
@@ -24,15 +24,15 @@ Summary:	University of Cambridge Mail Transfer Agent
 Summary(pl.UTF-8):	Agent Transferu Poczty Uniwersytetu w Cambridge
 Summary(pt_BR.UTF-8):	Servidor de correio eletrônico exim
 Name:		exim
-Version:	4.82.1
-Release:	2
+Version:	4.83
+Release:	1
 Epoch:		2
 License:	GPL
 Group:		Networking/Daemons/SMTP
 Source0:	ftp://ftp.exim.org/pub/exim/exim4/%{name}-%{version}.tar.bz2
-# Source0-md5:	4544696ce6689ba9141a0697f25a74cb
+# Source0-md5:	fc6790f346a50a3c87be96b335b9c8ae
 Source1:	ftp://ftp.exim.org/pub/exim/exim4/%{name}-html-%{version}.tar.bz2
-# Source1-md5:	a4aa8645868e54944c6540b3f8b798ea
+# Source1-md5:	f128a7f04e65ea80bb3f76e6fa3d0747
 Source2:	%{name}.init
 Source3:	%{name}.cron.db
 Source4:	%{name}4.conf
@@ -58,10 +58,8 @@ Patch4:		%{name}4-Makefile-Default.patch
 # http://marc.merlins.org/linux/exim/files/sa-exim-cvs/localscan_dlopen_exim_4.20_or_better.patch
 Patch5:		localscan_dlopen_%{name}_4.20_or_better.patch
 
-# http://sourceforge.net/projects/eximdsn/
-Patch7:		%{name}_463_dsn_1_3.patch
 Patch8:		%{name}-spam-timeout.patch
-Patch9:		exim-bug-659.patch
+
 Patch10:	%{name}-force-sigalrm.patch
 URL:		http://www.exim.org/
 %{?with_sasl:BuildRequires:	cyrus-sasl-devel >= 2.1.0}
@@ -178,9 +176,8 @@ Pliki nagłówkowe dla Exima.
 %patch4 -p1
 %patch5 -p1
 
-%{?with_dsn:%patch7 -p1}
 %patch8 -p1
-%patch9 -p2
+
 %patch10 -p1
 
 install %{SOURCE14} doc/config.samples.tar.bz2
@@ -198,6 +195,9 @@ SUPPORT_DSN=yes
 EXPERIMENTAL_DCC=yes
 EXPERIMENTAL_PRDR=yes
 EXPERIMENTAL_TPDA=yes
+EXPERIMENTAL_PROXY=yes
+EXPERIMENTAL_CERTNAMES=yes
+%{?with_dsn:EXPERIMENTAL_DSN=yes}
 %{?with_ocsp:EXPERIMENTAL_OCSP=yes}
 %if %{with spf}
 EXPERIMENTAL_SPF=yes
diff --git a/exim-bug-659.patch b/exim-bug-659.patch
deleted file mode 100644
index 5bd0e49..0000000
--- a/exim-bug-659.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 83befcbcee0756af0c43f2a5f7dbed3bb5a4cd6e Mon Sep 17 00:00:00 2001
-From: Todd Lyons <tlyons at exim.org>
-Date: Sat, 12 Oct 2013 09:42:31 -0700
-Subject: [PATCH] Bug 1334: AutoDetect compression type in exigrep
-
-Does not use any extra perl modules.
-Attempts hard coded types first, so no extra code for the standard
-  case.
-Easy to add more compression types.
----
- src/src/exigrep.src |   53 +++++++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 53 insertions(+)
-
-diff --git a/src/src/exigrep.src b/src/src/exigrep.src
-index 0950b58..d22d362 100644
---- a/src/src/exigrep.src
-+++ b/src/src/exigrep.src
-@@ -124,6 +124,54 @@ elsif ( ($invert && (($insensitive && !/$pattern/io) || !/$pattern/o)) ||
-   { print "$_\n"; }
- }
- 
-+# Rotated log files are frequently compressed and there are a variety of
-+# formats it could be compressed with. Rather than use just one that is
-+# detected and hardcoded at Exim compile time, detect and use what the
-+# logfile is compressed with on the fly.
-+#
-+# List of known compression extensions and their associated commands:
-+my $compressors = {
-+  gz   => { cmd => 'zcat',  args => '' },
-+  bz2  => { cmd => 'bzcat', args => '' },
-+  xz   => { cmd => 'xzcat', args => '' },
-+  lzma => { cmd => 'lzma',  args => '-dc' }
-+};
-+my $csearch = 0;
-+
-+sub detect_compressor_bin
-+  {
-+  my $ext = shift();
-+  my $c = $compressors->{$ext}->{cmd};
-+  $compressors->{$ext}->{bin} = `which $c 2>/dev/null`;
-+  chomp($compressors->{$ext}->{bin});
-+  }
-+
-+sub detect_compressor_capable
-+  {
-+  my $filename = shift();
-+  map { &detect_compressor_bin($_) } keys %$compressors
-+    if (!$csearch);
-+  $csearch = 1;
-+  return undef
-+    unless (grep {$filename =~ /\.(?:$_)$/} keys %$compressors);
-+  # Loop through them, figure out which one it detected,
-+  # and build the commandline.
-+  my $cmdline = undef;
-+  foreach my $ext (keys %$compressors)
-+    {
-+    if ($filename =~ /\.(?:$ext)$/)
-+      {
-+      # Just die if compressor not found; if this occurrs in the middle of
-+      # two valid files with a lot of matches, error could easily be missed.
-+      die("Didn't find $ext decompressor for $filename\n")
-+        if ($compressors->{$ext}->{bin} eq '');
-+      $cmdline = $compressors->{$ext}->{bin} ." ".
-+                   $compressors->{$ext}->{args};
-+      last;
-+      }
-+    }
-+  return $cmdline;
-+  }
- 
- # The main program. Extract the pattern and make sure any relevant characters
- # are quoted if the -l flag is given. The -t flag gives a time-on-queue value
-@@ -154,6 +202,11 @@ if (@ARGV)
-       open(LOG, "ZCAT_COMMAND $filename |") ||
-         die "Unable to zcat $filename: $!\n";
-       }
-+    elsif (my $cmdline = &detect_compressor_capable($filename))
-+      {
-+      open(LOG, "$cmdline $filename |") ||
-+        die "Unable to decompress $filename: $!\n";
-+      }
-     else
-       {
-       open(LOG, "<$filename") || die "Unable to open $filename: $!\n";
--- 
-1.7.9.5
-
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/exim.git/commitdiff/7575719702427ca5550b840dfdf3abfca7e208d1

More information about the pld-cvs-commit mailing list