git: 36fcd7174d16 - main - mail/exim: update 4.96 -> 4.96.1 to fix several CVEs
Date: Tue, 03 Oct 2023 20:30:26 UTC
The branch main has been updated by fluffy: URL: https://cgit.FreeBSD.org/ports/commit/?id=36fcd7174d1651f557875c1b57255faca3d27914 commit 36fcd7174d1651f557875c1b57255faca3d27914 Author: Kurt Jaeger <pi@FreeBSD.org> AuthorDate: 2023-10-03 20:27:51 +0000 Commit: Dima Panov <fluffy@FreeBSD.org> CommitDate: 2023-10-03 20:30:04 +0000 mail/exim: update 4.96 -> 4.96.1 to fix several CVEs PR: 274235 MFH: 2023Q4 --- mail/exim/Makefile | 4 ++-- mail/exim/distinfo | 6 ++--- ...-attempt-to-rewrite-a-malformed-address.-.patch | 18 --------------- ...5_08-Fix-regex-n-use-after-free.-Bug-2915.patch | 26 ---------------------- ...ix-for-clients-offering-no-TLS-extensions.patch | 18 --------------- ...-Build-with-libopendmarc-1.4.x-fixes-2728.patch | 17 -------------- .../75_22-Fix-daemon-startup.-Bug-2930.patch | 18 --------------- ..._23-Fix-reccipients-after-run.-.-Bug-2929.patch | 17 -------------- ...substring-capture-variables-for-null-matc.patch | 19 ---------------- .../75_50-Fix-logging-of-max-size-log-line.patch | 19 ---------------- ...ion-on-dns_again_means_nonexist.-Bug-2911.patch | 22 ------------------ ...-tls_eccurve-setting-explicit-curve-group.patch | 18 --------------- ...-check-dns_again_means_nonexist-for-TLSA-.patch | 20 +---------------- .../debian/75_66-Fix-crash-in-expansions.patch | 18 --------------- 14 files changed, 6 insertions(+), 234 deletions(-) diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 98565c95aa5a..358845ea8316 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -1,6 +1,6 @@ PORTNAME= exim PORTVERSION?= ${EXIM_VERSION} -PORTREVISION?= 1 +PORTREVISION?= 0 CATEGORIES= mail MASTER_SITES= EXIM:exim MASTER_SITE_SUBDIR= /exim4/:exim \ 
@@ -130,7 +130,7 @@ EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.c EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.conf .endif -EXIM_VERSION= 4.96 +EXIM_VERSION= 4.96.1 SA_EXIM_VERSION=4.2.1 EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink" EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name '74_*.patch'|${SORT} -h` diff --git a/mail/exim/distinfo b/mail/exim/distinfo index eb6b96ef513f..5536bcc2c9df 100644 --- a/mail/exim/distinfo +++ b/mail/exim/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1681024359 -SHA256 (exim/exim-4.96.tar.bz2) = c7a413fec601cc44a8f5fe9e5b64cb24a7d133f3a4a976f33741d98ff0ec6b91 -SIZE (exim/exim-4.96.tar.bz2) = 2047632 +TIMESTAMP = 1696250210 +SHA256 (exim/exim-4.96.1.tar.bz2) = 26bbcd4f45483c7138912b4bd31022aee8abf8ac7cdff55839d7e2a9e4c60692 +SIZE (exim/exim-4.96.1.tar.bz2) = 2048927 SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1 SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933 diff --git a/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch b/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch index bf0f64942d7d..42a2c237aa82 100644 --- a/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch +++ b/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch @@ -4,7 +4,6 @@ Date: Tue, 12 Jul 2022 22:14:04 +0100 Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903 --- - doc/ChangeLog | 5 + src/rewrite.c | 9 +- test/confs/0471 | 7 + test/log/0471 | 5 + 
@@ -12,23 +11,6 @@ Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903 test/stderr/0471 | 245 ++++++++++++++++++++++++++++++++++- 6 files changed, 267 insertions(+), 8 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -1,9 +1,14 @@ - This document describes *changes* to previous versions, that might - affect Exim's operation, with an unchanged configuration file. For new - options, and new features, see the NewStuff file next to this ChangeLog. - -+JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address. -+ Make the rewrite never match and keep the logging. Trust the -+ admin to be using verify=header-syntax (to actually reject the message). -+ -+ - Exim version 4.96 - ----------------- - - JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from - after reception to before a subsequent reception. This should --- a/src/rewrite.c +++ b/src/rewrite.c @@ -493,19 +493,18 @@ diff --git a/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch b/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch index 2429e9ff55b9..6dd55c1fe806 100644 --- a/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch +++ b/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch @@ -4,7 +4,6 @@ Date: Wed, 31 Aug 2022 15:37:40 +0100 Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915 --- - doc/ChangeLog | 8 +++++++- src/exim.c | 4 +--- src/expand.c | 2 +- src/functions.h | 1 + 
@@ -13,31 +12,6 @@ Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915 src/smtp_in.c | 2 ++ 7 files changed, 55 insertions(+), 17 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -4,15 +4,21 @@ - - JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address. - Make the rewrite never match and keep the logging. Trust the - admin to be using verify=header-syntax (to actually reject the message). - -+JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when -+ more than one message arrived in a single connection a reference from -+ the earlier message could be re-used. Often a sigsegv resulted. -+ These variables were introduced in Exim 4.87. -+ Debug help from Graeme Fowler. -+ - - Exim version 4.96 - ----------------- - --JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from -+JH/01 Move the wait-for-next-tick (needed for unique message IDs) from - after reception to before a subsequent reception. This should - mean slightly faster delivery, and also confirmation of reception - to senders. - - JH/02 Move from using the pcre library to pcre2. The former is no longer --- a/src/exim.c +++ b/src/exim.c @@ -1999,12 +1999,10 @@ diff --git a/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch b/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch index ae2fa16f51ea..73b584dbef4d 100644 --- a/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch +++ b/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch @@ -4,7 +4,6 @@ Date: Fri, 30 Sep 2022 13:49:41 +0100 Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions --- - doc/ChangeLog | 3 +++ src/tls-gnu.c | 3 ++- src/tls-openssl.c | 39 +++++++++++++++--------------- test/confs/2091 | 1 + 
@@ -17,23 +16,6 @@ Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions create mode 100644 test/scripts/2090-GnuTLS-ALPN/2091 create mode 100644 test/stdout/2091 ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -10,10 +10,14 @@ - more than one message arrived in a single connection a reference from - the earlier message could be re-used. Often a sigsegv resulted. - These variables were introduced in Exim 4.87. - Debug help from Graeme Fowler. - -+JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all. -+ Find and fix by Jasen Betts. -+ -+ - - Exim version 4.96 - ----------------- - - JH/01 Move the wait-for-next-tick (needed for unique message IDs) from --- a/src/tls-gnu.c +++ b/src/tls-gnu.c @@ -1130,12 +1130,13 @@ diff --git a/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch b/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch index f261d621d67a..456f315236b1 100644 --- a/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch +++ b/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch @@ -4,28 +4,11 @@ Date: Sat, 15 Oct 2022 19:30:58 +0200 Subject: [PATCH 1/2] Fix: Build with libopendmarc 1.4.x (fixes 2728) --- - doc/ChangeLog | 3 +++ src/EDITME | 7 +++++-- src/config.h.defaults | 1 + src/dmarc.c | 7 ++++++- 4 files changed, 15 insertions(+), 3 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -13,10 +13,13 @@ - Debug help from Graeme Fowler. - - JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all. - Find and fix by Jasen Betts. - -+HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible -+ API changes in libopendmarc. -+ - - - Exim version 4.96 - ----------------- - --- a/src/EDITME +++ b/src/EDITME @@ -600,18 +600,21 @@ 
diff --git a/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch b/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch index 2a3434f8b0b1..412c39be28d7 100644 --- a/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch +++ b/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch @@ -5,27 +5,9 @@ Subject: [PATCH 1/2] Fix daemon startup. Bug 2930 Broken-by: 7d5055276a --- - doc/ChangeLog | 4 ++++ src/daemon.c | 8 ++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -16,10 +16,14 @@ - Find and fix by Jasen Betts. - - HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible - API changes in libopendmarc. - -+JH/12 Bug 2930: Fix daemon startup. When started from any process apart from -+ pid 1, in the normal "background daemon" mode, having to drop process- -+ group leadership also lost track of needing to create listener sockets. -+ - - - Exim version 4.96 - ----------------- - --- a/src/daemon.c +++ b/src/daemon.c @@ -1744,19 +1744,23 @@ diff --git a/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch b/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch index 1c98ef26083b..1db2ad0c9c99 100644 --- a/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch +++ b/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch 
@@ -5,26 +5,9 @@ Subject: [PATCH 2/2] Fix $reccipients after ${run...}. Bug 2929 Broken-by: cfe6acff2d --- - doc/ChangeLog | 3 +++ src/transport.c | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -20,10 +20,13 @@ - - JH/12 Bug 2930: Fix daemon startup. When started from any process apart from - pid 1, in the normal "background daemon" mode, having to drop process- - group leadership also lost track of needing to create listener sockets. - -+JH/13 Bug 2929: Fix using $recipients after ${run...}. A change made for 4.96 -+ resulted in the variable appearing empty. Find and fix by Ruben Jenster. -+ - - - Exim version 4.96 - ----------------- - --- a/src/transport.c +++ b/src/transport.c @@ -2342,13 +2342,14 @@ diff --git a/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch b/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch index bd250f2b7191..d12b1b246631 100644 --- a/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch +++ b/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch 
@@ -6,30 +6,11 @@ Subject: [PATCH 1/2] Fix regext substring capture variables for null matches. broken-by: 59d66fdc13f0 --- - doc/ChangeLog | 5 +++++ src/exim.c | 2 ++ src/malware.c | 3 +++ src/regex.c | 2 +- 4 files changed, 11 insertions(+), 1 deletion(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -22,10 +22,15 @@ - pid 1, in the normal "background daemon" mode, having to drop process- - group leadership also lost track of needing to create listener sockets. - - JH/13 Bug 2929: Fix using $recipients after ${run...}. A change made for 4.96 - resulted in the variable appearing empty. Find and fix by Ruben Jenster. -+ -+JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96 -+ a capture group which obtained no text (eg. "(abc)*" matching zero -+ occurrences) could cause a segfault if the corresponding $<n> was -+ expanded. - - - - Exim version 4.96 - ----------------- --- a/src/exim.c +++ b/src/exim.c @@ -167,10 +167,12 @@ diff --git a/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch b/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch index 5992faca6eac..f5dbd7a3d356 100644 --- a/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch +++ b/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch @@ -5,7 +5,6 @@ Subject: [PATCH] Fix logging of max-size log line Broken-by: d12746bc15d8 --- - doc/ChangeLog | 5 +++++ src/log.c | 7 ++++--- test/confs/0633 | 21 ++++++++++++++++++++ test/scripts/0000-Basic/0633 | 9 +++++++++ 
@@ -17,24 +16,6 @@ Broken-by: d12746bc15d8 create mode 100644 test/stderr/0633 create mode 100644 test/stdout/0633 ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -28,10 +28,15 @@ JH/13 Bug 2929: Fix using $recipients af - JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96 - a capture group which obtained no text (eg. "(abc)*" matching zero - occurrences) could cause a segfault if the corresponding $<n> was - expanded. - -+JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line -+ was exactly sized compared to the log buffer, a crash occurred with the -+ misleading message "bad memory reference; pool not found". -+ Found and traced by Jasen Betts. -+ - - - Exim version 4.96 - ----------------- - --- a/src/log.c +++ b/src/log.c @@ -803,11 +803,11 @@ Returns: nothing diff --git a/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch b/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch index bbbfbe9ef1e7..271ff90ab99a 100644 --- a/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch +++ b/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch @@ -4,7 +4,6 @@ Date: Wed, 28 Dec 2022 19:39:06 +0000 Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911 --- - doc/ChangeLog | 8 +++++ src/dns.c | 12 ++++++++ test/confs/2202 | 18 +++++++++-- test/scripts/2200-dnsdb/2202 | 8 +++++ 
@@ -12,27 +11,6 @@ Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911 test/stdout/2202 | 8 +++++ 6 files changed, 108 insertions(+), 4 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -33,10 +33,18 @@ JH/14 Bug 2933: Fix regex substring matc - JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line - was exactly sized compared to the log buffer, a crash occurred with the - misleading message "bad memory reference; pool not found". - Found and traced by Jasen Betts. - -+JH/19 Bug 2911: Fix a recursion in DNS lookups. Previously, if the main option -+ dns_again_means_nonexist included an element causing a DNS lookup which -+ iteslf returned DNS_AGAIN, unbounded recursion occurred. Possible results -+ included (though probably not limited to) a process crash from stack -+ memory limit, or from excessive open files. Replace this with a paniclog -+ whine (as this is likely a configuration error), and returning -+ DNS_NOMATCH. -+ - - - Exim version 4.96 - ----------------- - --- a/src/dns.c +++ b/src/dns.c @@ -799,10 +799,11 @@ int diff --git a/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch b/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch index da05ba9476a8..a34731a4a453 100644 --- a/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch +++ b/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch @@ -5,7 +5,6 @@ Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group. Bug 2954 --- - doc/ChangeLog | 4 +++ src/tls-openssl.c | 39 ++++++++++++++---------- test/confs/2148 | 54 ++++++++++++++++++++++++++++++++++ test/confs/2149 | 39 +++++++++++++----------- 
@@ -23,23 +22,6 @@ Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group. Bug create mode 100644 test/scripts/2100-OpenSSL/2148 create mode 100644 test/stderr/2148 ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -41,10 +41,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l - included (though probably not limited to) a process crash from stack - memory limit, or from excessive open files. Replace this with a paniclog - whine (as this is likely a configuration error), and returning - DNS_NOMATCH. - -+JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group. Previously -+ this always failed, probably leading to the usual downgrade to in-clear -+ connections. -+ - - - Exim version 4.96 - ----------------- - --- a/src/tls-openssl.c +++ b/src/tls-openssl.c @@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits) diff --git a/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch b/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch index 417ffa4eed8c..5d990eddfca6 100644 --- a/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch +++ b/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch 
@@ -5,28 +5,10 @@ Subject: [PATCH 3/3] DANE: do not check dns_again_means_nonexist for TLSA results of TRY_AGAIN --- - doc/doc-docbook/spec.xfpt | 7 ++++++- - doc/ChangeLog | 4 ++++ src/dns.c | 35 ++++++++++++++++++++++------------- + doc/doc-docbook/spec.xfpt | 7 ++++++- 3 files changed, 32 insertions(+), 14 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -46,10 +46,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l - JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group. Previously - this always failed, probably leading to the usual downgrade to in-clear - connections. - - -+JH/20 Fix TLSA lookups. Previously dns_again_means_nonexist would affect -+ SERVFAIL results, which breaks the downgrade resistance of DANE. Change -+ to not checking that list for these looks. -+ - - Exim version 4.96 - ----------------- - - JH/01 Move the wait-for-next-tick (needed for unique message IDs) from --- a/src/dns.c +++ b/src/dns.c @@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno diff --git a/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch b/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch index d776c8edf393..d65891fd9dbe 100644 --- a/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch +++ b/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch 
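Review bot: The diffstat summary kept in this patch header still reads `3 files changed, 32 insertions(+), 14 deletions(-)`, although the doc/ChangeLog entry and its hunk are dropped and only src/dns.c and doc/doc-docbook/spec.xfpt remain listed. The other trimmed files/debian/75_*.patch headers in this commit keep their old summaries in the same way. The patch tool ignores these lines, but they are what a reader compares when checking a vendored fix against its origin. If these files were verbatim copies before, they now differ from the originals without saying so. A one-line marker in each header, for example `Local change: doc/ChangeLog hunk removed`, would record the modification.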
@@ -5,28 +5,10 @@ Subject: [PATCH] Fix crash in expansions Broken-by: 1058096b8c53 --- - doc/ChangeLog | 4 ++++ src/expand.c | 9 +++++---- test/stderr/0630 | 1 + 3 files changed, 10 insertions(+), 4 deletions(-) ---- a/doc/ChangeLog -+++ b/doc/ChangeLog -@@ -50,10 +50,14 @@ JH/20 Bug 2954: (OpenSSL) Fix setting of - - JH/20 Fix TLSA lookups. Previously dns_again_means_nonexist would affect - SERVFAIL results, which breaks the downgrade resistance of DANE. Change - to not checking that list for these looks. - -+JH/23 Fix crash in string expansions. Previously, if an empty variable was -+ immediately followed by an expansion operator, a null-indirection read -+ was done, killing the process. -+ - - Exim version 4.96 - ----------------- - - JH/01 Move the wait-for-next-tick (needed for unique message IDs) from --- a/src/expand.c +++ b/src/expand.c @@ -4652,11 +4652,11 @@ while (*s)