Change log for exim4 package in Debian

175 of 268 results
Published in sid-release on 2020-09-17
exim4 (4.94-8) unstable; urgency=low

  * Reorder ACL using a "require" verb, move message-statement to the
    beginning. (Thanks, Slavko!) Closes: #968089
  * Update from exim-4.94+fixes:
    + 74_27-Fix-spelling-of-local_part_data-in-docs-and-debug-ou.patch
    + 74_28-Fix-readsocket-eol-replacement.-Bug-2630.patch
    + 74_29-Taint-fix-off-by-one-in-is_tainted-.-Bug-2634.patch
    + 74_30-Build-ifdef-guard-for-EXPERIMENTAL_QUEUEFILE.patch
    + 74_31-Taint-fix-off-by-one-in-is_tainted-.-Bug-2634.patch
    + 74_32-DANE-force-SNI-to-use-domain.-Bug-2265.patch
    + 74_33-DANE-Fix-2-rcpt-message-diff-domins-case.-Bug-2265.patch
    + 74_34-Fix-non-DANE-build.patch
    + 74_35-DANE-Fix-2-messages-from-queue-case.patch
    + 74_36-Fix-non-DANE-build.patch

 -- Andreas Metzler <email address hidden>  Thu, 17 Sep 2020 06:54:00 +0200
Published in buster-release on 2020-08-01
exim4 (4.92-8+deb10u4) buster-security; urgency=high

  * Fix authentication bypass in SPA authenticator due to out-of-bound buffer
    read. https://bugs.exim.org/show_bug.cgi?id=2571 CVE-2020-12783

 -- Andreas Metzler <email address hidden>  Wed, 13 May 2020 18:01:31 +0200
Superseded in sid-release on 2020-09-17
exim4 (4.94-7) unstable; urgency=low

  * Update from exim-4.94+fixes:
   + 74_24-Taint-fix-ACL-spam-condition-to-permit-tainted-name-.patch
   + 74_25-Fix-debug_print_socket.patch
   + 74_26-debug_print_socket-output-formatting.patch
  * [lintian] Mark some patches with "Forwarded: not-needed".

 -- Andreas Metzler <email address hidden>  Fri, 24 Jul 2020 13:31:47 +0200
Published in stretch-release on 2020-07-18
exim4 (4.89-2+deb9u7) stretch-security; urgency=high

  * Fix authentication bypass in SPA authenticator due to out-of-bound buffer
    read. https://bugs.exim.org/show_bug.cgi?id=2571 CVE-2020-12783

 -- Andreas Metzler <email address hidden>  Wed, 13 May 2020 18:18:26 +0200
Superseded in sid-release on 2020-07-24
exim4 (4.94-6) unstable; urgency=medium

  * Fix typo (missing "S") in REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS macro.
    (Thanks, Slavko!)  Closes: #964394
  * Update from exim-4.94+fixes:
    + 74_21-typoes.patch (replaces 75_typo_in_74_20.diff)
    + 74_22-Fix-DKIM-signing-to-always-terminate.-Bug-2295.patch
    + 74_23-Fix-taint-trap-in-parse_fix_phrase-.-Bug-2617.patch
  * Add lintian overrides for usr/lib/sendmail symlink and for not forwarding
    Debian-specific manpages (maintainer-manual-page).
  * [lintian] Use UTF-8 encoding in es.po.

 -- Andreas Metzler <email address hidden>  Sat, 11 Jul 2020 14:27:31 +0200
Superseded in sid-release on 2020-07-11
exim4 (4.94-5) unstable; urgency=medium

  [ Justin Aplin ]
  * Fix build with GNU Make (<4.3), broken in -3.

  [ Andreas Metzler ]
  * Update from exim-4.94+fixes:
    + 74_15-Cutthrough-handle-request-when-a-callout-hold-is-act.patch
    + 74_16-Lookups-Fix-subdir-filter-on-a-dsearch.patch
    + 74_17-Docs-list-further-ways-domain_data-c-may-be-filled-i.patch
    + 74_18-Sqlite-fix-segfault-on-bad-missing-sqlite_dbfile.-Bu.patch
    + 74_19-Taint-fix-ACL-spam-condition-to-permit-tainted-name-.patch
    + 74_20-Fix-message-reception-clock-usage.-Bug-2615.patch Closes: #962847
  * 75_typo_in_74_20.diff: Fix a typo in
    74_20-Fix-message-reception-clock-usage.-Bug-2615.patch.

 -- Andreas Metzler <email address hidden>  Fri, 03 Jul 2020 08:20:07 +0200
Superseded in sid-release on 2020-07-03
exim4 (4.94-4) unstable; urgency=medium

  * Automatically version localscanapi provides. Closes: #963251
  * Update from exim-4.94+fixes:
    + 74_14-Fix-string_copy-macro-to-not-multiple-eval-args.-Bug.patch

 -- Andreas Metzler <email address hidden>  Sun, 21 Jun 2020 18:10:04 +0200
Superseded in sid-release on 2020-06-21
exim4 (4.94-3) unstable; urgency=medium

  * Update from exim-4.94+fixes:
    + 74_09-Filters-fix-vacation-in-Exim-filter.-Bug-2593.patch
    + 74_10-TLS-use-RFC-6125-rules-for-certifucate-name-checks-w.patch
    + 74_11-Taint-fix-radius-expansion-condition.patch
    + 74_12-smtp_accept_map_per_host-call-search_tidyup-in-fail-.patch
    + 74_13-Taint-fix-verify.-Bug-2598.patch

 -- Andreas Metzler <email address hidden>  Fri, 19 Jun 2020 10:31:26 +0200
Superseded in sid-release on 2020-06-19
exim4 (4.94-2) unstable; urgency=low

  * Tighten package interdependencies.  With 4.94's daemon avoiding of
    tainting requires usage of $local_part_data instead of $local_part_data
    in mail_spool transport, but this variable is only filled by the
    check_local_user router option in 4.94.
  * Update from exim-4.94+fixes:
    + 74_01-Docs-listitem.patch
    + 74_02-Taint-fix-pam-expansion-condition.-Bug-2587.patch
    + 74_03-Taint-fix-listcount-expansion-operator.-Bug-2586.patch
    + 74_04-Docs-fix-mistaken-variable-name.patch
    + 74_05-Docs-fix-layout.patch
    + 74_06-Docs-typoes.patch
    + 74_07-Taint-fix-multiple-ACL-actions-to-properly-manage-ta.patch
    + 74_08-Fix-bi.-Bug-2590.patch

 -- Andreas Metzler <email address hidden>  Sun, 07 Jun 2020 09:55:58 +0200
Superseded in sid-release on 2020-06-07
exim4 (4.94-1) unstable; urgency=low

  * New upstream version.
  * Use mktemp(1) instead of tempfile(1), avoid deprecation warning.
  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Mon, 01 Jun 2020 18:45:54 +0200
Deleted in experimental-release (Reason: None provided.)
exim4 (4.94~RC2-1) experimental; urgency=low

  * New upstream version.

 -- Andreas Metzler <email address hidden>  Sat, 23 May 2020 18:07:01 +0200
Superseded in experimental-release on 2020-05-23
exim4 (4.94~RC1-1) experimental; urgency=low

  * Fix broken cross-reference in exim_lock.8 (Closes: #960356) and sync from
    spec.txt.
  * New upstream version.
    + Drop 75*patch.
    + In ACLs always specify "message" or "log_message" after conditions.
    + Use $local_part_data instead of $local_part in require_files statements.
    + Update example.conf.md5.

 -- Andreas Metzler <email address hidden>  Sat, 16 May 2020 11:13:48 +0200
Superseded in experimental-release on 2020-05-16
exim4 (4.94~RC0-2) experimental; urgency=low

  * Update from upstream GIT master.
    + 75_06-Debug-socket-details.patch
    + 75_08-Fix-build-on-platforms-not-supporting-sockopt-SO_PRO.patch
    + 75_09-Build-fix-parallelism-problem.-Bug-2566.patch
    + 75_11-Make-bounce-warn-_message_file-expanded.-Bug-2522.patch
    + 75_12-Taint-When-a-non-wildcarded-localpart-affix-is-match.patch
    + 75_14-Consolidate-local_part_verified-into-local_part_data.patch
    + 75_17-Ensure-lookup-result-variables-are-dropped-between-m.patch
    + 75_18-tidying.patch
    + 75_19-Fix-SPA-authenticator-checking-client-supplied-data-.patch
    + 75_20-wip-see-failed-summary.log.list_match_value.-Pretty-.patch
    + 75_21-value-return.patch
    + 75_22-docs-more-debug.patch
    + 75_23-testcases-for-value-return.patch
    + 75_24-Numeric-variable-returns.patch
    + 75_25-Rework-SPA-fix-to-avoid-overflows.-Bug-2571.patch
    + 75_28-I18N-change-default-on-smtp-transport-to-downconvert.patch
    + 75_29-Lookups-ret-key-option.patch
    + 75_32-Performance-workaround-Linux-kernel-bug.patch
    + 75_33-Fix-build-with-Radius-auth-expansion-condition-suppo.patch
  * $local_part_verified gone again, use $local_part_data. - Update NEWS and
    configuration.

 -- Andreas Metzler <email address hidden>  Sun, 10 May 2020 10:27:04 +0200
Superseded in sid-release on 2020-06-02
exim4 (4.93-16) unstable; urgency=medium

  * Update from exim-4.93+fixes:
    + 74_40-DKIM-fix-dkim_key_length-in-verify.patch
    + 74_41-Build-fix-parallelism-problem.-Bug-2566.patch
    + 74_42-tidying.patch
    + 74_43-Ensure-lookup-result-variables-are-dropped-between-m.patch
    + 74_44-Fix-SPA-authenticator-checking-client-supplied-data-.patch
    + 74_45-Rework-SPA-fix-to-avoid-overflows.-Bug-2571.patch
    + 74_46-Fix-build-with-Radius-auth-expansion-condition-suppo.patch

 -- Andreas Metzler <email address hidden>  Sat, 09 May 2020 19:10:34 +0200
Superseded in experimental-release on 2020-05-10
exim4 (4.94~RC0-1) experimental; urgency=low

  * Point watchfile to test subdirectory.
  * New upstream version.
    + Drop 74_*.diff (fixes branch) and
      75_01-Build-Enable-GNU-Hurd-Bug-2476.patch (from GIT master).
    + Unfuzz 90_localscan_dlopen.dpatch.
    + Update debian/minimaltest, stop using tainted $local_part variable as
      local filename for delivery.
    + Sync from upstream default configuration: Use
      "file = /var/mail/$local_part_verified" in mail_spool transport
      instead of [...]/$local_part.
  * Add NEWS entry for tainting change.
  * Patches from upstream GIT master:
    + 75_02-Fix-local_part_verified-for-remote-delivery-routing-.patch

 -- Andreas Metzler <email address hidden>  Fri, 01 May 2020 18:57:32 +0200
Superseded in sid-release on 2020-05-09
exim4 (4.93-15) unstable; urgency=low

  * Update from exim-4.93+fixes:
    + 74_37-Taint-fix-parsing-of-ACL-ratelimit-condition.patch
    + 74_38-Fix-spool-space-check-to-account-for-SIZE.-Bug-2552.patch
  * Add macro REMOTE_SMTP_INTERFACE for setting the interface option on the
    remote_smtp transport. Closes: #761925

 -- Andreas Metzler <email address hidden>  Sat, 25 Apr 2020 14:10:47 +0200
Superseded in sid-release on 2020-04-26
exim4 (4.93-14) unstable; urgency=low

  * Update from exim-4.93+fixes:
    + 74_34-Taint-fix-dsearch-result-to-be-untainted.patch
    + 74_35-Fix-argument-checking-for-readsocket.patch
    + 74_36-OpenSSL-avoid-loading-server-s-CA-list-for-client-no.patch

 -- Andreas Metzler <email address hidden>  Fri, 10 Apr 2020 13:53:34 +0200
Superseded in sid-release on 2020-04-11
exim4 (4.93-13) unstable; urgency=medium

  * Update from exim-4.93+fixes:
    + 74_29-Fix-mime_part_count-for-non-mime-message-on-multi-me.patch
    + 74_31-Taint-track-in-utf8clean-operator.patch
    + 74_32-Fix-spurious-detection-of-timeout-while-writing-to-t.patch
    + 74_33-Fix-segfault-on-bad-cmdline-f-sender-argument.-Bug-2.patch
  * [lintian] Move eximon.bin from /usr/lib/exim4 to /usr/libexec/exim4.

 -- Andreas Metzler <email address hidden>  Sat, 21 Mar 2020 11:39:19 +0100
Superseded in sid-release on 2020-03-21
exim4 (4.93-12) unstable; urgency=low

  * Update from exim-4.93+fixes:
    + 74_28-Fix-tr-expansion-item.-Bug-2533.patch
  * Recover more gracefull from half installed state after trying to install
    without util-linux (essential) installed. Closes: #952451 (Thanks, James
    Le Cuirot for the patch)
  * Use macro ("ROUTER_DNSLOOKUP_IGNORE_TARGET_HOSTS") for ignore_target_hosts
    list setting on dnslookup router. Extend list by corresponding IPv6
    entries (Thanks, C Snover) Closes: #950973
  * Add REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE to allow setting headers_remove
    on both remote_smtp and remote_smtp_smarthost transports. Closes: #927741

 -- Andreas Metzler <email address hidden>  Sat, 29 Feb 2020 15:53:44 +0100
Superseded in sid-release on 2020-02-29
exim4 (4.93-11) unstable; urgency=medium

  * Update from exim-4.93+fixes:
    + 74_26-Auths-fix-cyrus-sasl-driver-for-gssapi-use.-Bug-2524.patch
    + 74_27-GnuTLS-fix-hanging-callout-connections.patch

 -- Andreas Metzler <email address hidden>  Fri, 14 Feb 2020 16:02:05 +0100
Superseded in stretch-release on 2020-07-18
exim4 (4.89-2+deb9u6) stretch-security; urgency=high

  * 85_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch Fix SNI
    related buffer overflow. CVE-2019-15846

 -- Andreas Metzler <email address hidden>  Tue, 03 Sep 2019 20:01:38 +0200
Superseded in sid-release on 2020-02-14
exim4 (4.93-10) unstable; urgency=medium

  * Refresh debian/upstream/signing-key.asc from
    https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
  * Update from exim-4.93+fixes:
    + 74_23-Fix-taint-hybrid-checking-on-BSD.patch
    + 74_24-TFO-even-in-binary-built-for-modern-Linux-handle-err.patch
    + 74_25-Taint-slow-mode-checking-only.patch

 -- Andreas Metzler <email address hidden>  Sat, 01 Feb 2020 11:06:29 +0100
Superseded in sid-release on 2020-02-01
exim4 (4.93-9) unstable; urgency=medium

  * Add 74_22-Taint-hybrid-checking-mode.patch.

 -- Andreas Metzler <email address hidden>  Thu, 16 Jan 2020 18:15:36 +0100
Superseded in sid-release on 2020-01-16
exim4 (4.93-7) unstable; urgency=medium

  * README.Debian: Expand a little bit on how macros work. (See #948308)
  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Sat, 11 Jan 2020 11:12:35 +0100
Deleted in experimental-release (Reason: None provided.)
exim4 (4.93-6) experimental; urgency=low

  * Improve on reproducible build, set EXIM_ARCHTYPE=DEB_TARGET_GNU_CPU to
    override/avoid CPU detection with uname -m.
  * More updates from exim-4.93+fixes:
    74_18-SPF-fix-handling-mix-of-spf-and-other-txt-records.-B.patch
  * Polish debian/rules. (Use CURDIR instead of executing `pwd`, avoid :=
    assignments with $(shell).
  * Build with SMTPUTF8 support. (SUPPORT_I18N_2008 and SUPPORT_I18N)
    Closes: #885149
    In configuration set smtputf8_advertise_hosts to '' instead of '*'.

 -- Andreas Metzler <email address hidden>  Mon, 06 Jan 2020 13:58:44 +0100
Superseded in sid-release on 2020-01-11
exim4 (4.93-5) unstable; urgency=medium

  * More updates from exim-4.93+fixes:
    74_14-SPF-only-require-v-spf1-on-TXT-DNS-records-during-lo.patch
    74_15-Eximon-fix-string-handling.-Bug-2500.patch
    74_16-Fix-build-with-heimdal-gssapi.-Bug-2501.patch
    74_17-Fix-the-variables-set-by-gsasl-authenticator.patch

 -- Andreas Metzler <email address hidden>  Fri, 03 Jan 2020 19:02:33 +0100
Superseded in sid-release on 2020-01-03
exim4 (4.93-4) unstable; urgency=medium

  * Improve on TLS info in README.Debian.
  * More updates  from exim-4.93+fixes:
    74_10-DMARC-default-dmarc_tld_file-to-unset.-Bug-2494.patch
    74_11-Zero-smtp-context-structure-after-allocation.patch
    74_13-ARC-Reset-received-ARC-instance-counter-before-next-.patch

 -- Andreas Metzler <email address hidden>  Thu, 26 Dec 2019 15:13:40 +0100
Superseded in sid-release on 2019-12-26
exim4 (4.93-3) unstable; urgency=medium

  * More updates (4.93.0.3) from exim-4.93+fixes:
    74_08-ARC-fix-crash-induced-by-misordered-headers.-Bug-249.patch
    74_09-Fix-taint-issue-with-retry-records.-Bug-2492.patch

 -- Andreas Metzler <email address hidden>  Fri, 13 Dec 2019 18:56:18 +0100
Superseded in sid-release on 2019-12-13
exim4 (4.93-2) unstable; urgency=medium

  * Update to exim-4.93+fixes branch
    74_01-PAM-fix-crash-in-the-pam-expansion-condition.-Bug-24.patch
    74_02-Regard-command-line-recipients-as-tainted.patch
    74_03-TFO-disable-for-FreeBSD.patch
    74_04-Hurd-errno-really-uses-more-than-a-short-sized-value.patch
    74_06-local_scan-align-local_scan.h-and-docs-re.-store_get.patch
    74_07-Fix-taint-issue-in-transport-with-DSN.-Bug-2491.patch

 -- Andreas Metzler <email address hidden>  Thu, 12 Dec 2019 18:25:44 +0100
Superseded in sid-release on 2019-12-13
exim4 (4.93-1) unstable; urgency=low

  * Point watchfile to release directory again.
  * New upstream version.

 -- Andreas Metzler <email address hidden>  Mon, 09 Dec 2019 19:05:17 +0100
Superseded in sid-release on 2019-12-11
exim4 (4.93~RC7-1) unstable; urgency=low

  * New upstream version.
    + Update md5 hash for upstream example configuration. (Change not relevant
      for Debian)
  * 75_01-Build-Enable-GNU-Hurd-Bug-2476.patch and
    75_02-TFO-disable-for-FreeBSD.patch from upstream 4.next branch: Re-enable
    build on GNU/hurd. (Thanks. Samuel Thibault) Closes: #945943

 -- Andreas Metzler <email address hidden>  Thu, 05 Dec 2019 17:50:20 +0100
Superseded in sid-release on 2019-12-06
exim4 (4.93~RC5-1) unstable; urgency=low

  * New upstream version.
    + Bump exim4-localscanap Provides.

 -- Andreas Metzler <email address hidden>  Wed, 27 Nov 2019 19:25:06 +0100
Superseded in sid-release on 2019-11-28
exim4 (4.93~RC4-1) unstable; urgency=low

  * New upstream version.

 -- Andreas Metzler <email address hidden>  Tue, 19 Nov 2019 19:39:37 +0100
Superseded in sid-release on 2019-11-20
exim4 (4.93~RC3-1) unstable; urgency=low

  * Drop (dead) link to openspf.org in rcpt ACL message string.
    Closes: #944786
  * New upstream version.
    + Unfuzz 90_localscan_dlopen.dpatch.

 -- Andreas Metzler <email address hidden>  Sun, 17 Nov 2019 11:37:15 +0100
Superseded in buster-release on 2020-08-01
exim4 (4.92-8+deb10u3) buster-security; urgency=high

  * 78_02-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch:
    Fix buffer overflow in string_vformat.

 -- Andreas Metzler <email address hidden>  Fri, 27 Sep 2019 18:09:35 +0200
Superseded in sid-release on 2019-11-17
exim4 (4.93~RC2-1) unstable; urgency=low

  * New upstream beta version.
    + Drop patches/75*.
  * Allow overriding cron.daily paniclog report recipient. Closes: #611085
  * Add REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES and
    REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS to set tls_verify_certificates and
    tls_verify_hosts respectively on the remote_smtp_smarthost transport.
    Closes: #823831
    In addition to that add REMOTE_SMTP_HOSTS_REQUIRE_TLS to set
    hosts_require_tls for the remote_smtp transport. Closes: #780033

 -- Andreas Metzler <email address hidden>  Sun, 10 Nov 2019 13:30:37 +0100
Superseded in sid-release on 2019-11-10
exim4 (4.93~RC1-4) unstable; urgency=low

  * Add libnet-ssleay-perl dependency to "basic" autopkg test. We do not need
    it yet but will forget for sure to add it when we do.
  * Following upstream defaults do not disable incoming TLS by default - i.e.
    if MAIN_TLS_ENABLE is not set - but use a self-signed certificate.
    (Relevant upstream changes: tls_advertise_hosts defaults to * for TLS
    builds since 4.87_JH/18, on-demand generation of self-signed certificate
    for inbound SMTP since 4.88_JH/05, 4.93_JH/23 TLS enabled build by
    default.)
  * 75_02-Revert-preallocate-store-for-config-which-appears-to.patch: Fix
    mismerge which triggered a test error on mipsel. Closes: #944060

 -- Andreas Metzler <email address hidden>  Sat, 09 Nov 2019 19:25:10 +0100
Superseded in sid-release on 2019-11-10
exim4 (4.93~RC1-3) unstable; urgency=low

  * 75_01-Dsearch-Fix-taint-handling-in-lookup.-Bug-2465.patch: Untaint
    dsearch lookup. Closes: #944199

 -- Andreas Metzler <email address hidden>  Sat, 09 Nov 2019 15:10:27 +0100
Superseded in sid-release on 2019-11-09
exim4 (4.93~RC1-2) unstable; urgency=low

  * autopkg test: Drop (python2) test for ancient vulnerability and do some
    basic testing with swaks instead. Closes: #943006
  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Sun, 03 Nov 2019 14:39:28 +0100
Deleted in experimental-release (Reason: None provided.)
exim4 (4.93~RC1-1) experimental; urgency=low

  * New upstream beta version.
    + Drop 75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch,
      75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch and
      75_03_Fix-local-scan-ABI.-Bug-2458.patch.
    + Update debian/example.conf.md5 (Removal of dnssec_request_domains was
      already implemented in 4.93~RC0-1.)
  * exigrep does case sensitive *option* processing (as it did for all
    versions <4.90). Notably -M, -m, --invert, -I may be affected.
    Closes: #927280
    (This change was already present in RC0.)

 -- Andreas Metzler <email address hidden>  Thu, 31 Oct 2019 18:22:11 +0100
Superseded in experimental-release on 2019-11-02
exim4 (4.93~RC0-2) experimental; urgency=low

  * 75_03_Fix-local-scan-ABI.-Bug-2458.patch: Fix function prototypes in
    local_scan.h.
  * 90_localscan_dlopen.dpatch: Unfuzz, mark
    string_copy_function/string_copy_taint_function/string_copyn_function in
    string.c as visible.
  * Provide exim4-localscanapi-2.1.
  * Drop sa-exim Breaks, the localscanapi version bump makes this superfluous.

 -- Andreas Metzler <email address hidden>  Sun, 27 Oct 2019 13:48:27 +0100
Superseded in experimental-release on 2019-10-27
exim4 (4.93~RC0-1) experimental; urgency=low

  * Point watchfile to test-subdirectory.
  * New upstream beta version.
    + Drop debian/patches/7[56]*.
    + Unfuzz 90_localscan_dlopen.dpatch.
    + Unfuzz/update (explicit -lnsl) debian/EDITME*
    + Update configuration, mirorring upstream changes.
      Both dnssec_request_domains and hosts_try_dane now default to '*', drop
      these settings. REMOTE_SMTP_DISABLE_DANE is a noop, now.
    + Exim DH param configuration (tls_dhparam) now makes use of the current
      GnuTLS (> 3.6) functionality, which implements rfc 7919. Drop
      unnecessary packaging bits.
    + Pull post release fix from upstream GIT
      (75_01-Fix-HAVE_LOCAL_SCAN-build.-Bug-2457.patch) to fix build error
      with HAVE_LOCAL_SCAN=yes.
    + Update 90_localscan_dlopen.dpatch to #include documented interface
      (local_scan.h) instead of exim.h.
  * debian/rules: Do not try to build -heavy if -light failed.
  * 75_02-CHUNKING-fix-all-RCPTs-rejected-non-pipelined.-Bug-2.patch:
    Post-release hix from upstream GIT.
    https://bugs.exim.org/show_bug.cgi?id=2454
  * The localscan dlopen functionality is broken, (temporarily) drop
    exim4-localscanapi-2.0 from Provides.

 -- Andreas Metzler <email address hidden>  Sun, 20 Oct 2019 13:46:49 +0200
Superseded in sid-release on 2019-11-10
exim4 (4.92.3-1) unstable; urgency=medium

  * Fix (commented) examples in configuration for clamd and courier authdaemon
    to refer to /run instead of /var/run. Closes: #942292
  * While we are at it also fix exim pid file path in exim(8).
  * New upstream version (identical to 4.92.2 +
    75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch, i.e.
    4.92.2-3).
  * Use patches from exim-4.92.3+fixes, add
    75_36-Fix-errorcheck-in-smtp-transport.patch.
  * [lintian] Set Rules-Requires-Root: binary-targets.

 -- Andreas Metzler <email address hidden>  Fri, 18 Oct 2019 18:44:35 +0200
Superseded in sid-release on 2019-10-19
exim4 (4.92.2-3) unstable; urgency=critical

  * 75_36-Fix-buffer-overflow-in-string_vformat.-Bug-2449.patch: Fix buffer
    overflow in string_vformat. CVE-2019-16928

 -- Andreas Metzler <email address hidden>  Sat, 28 Sep 2019 06:41:18 +0200
Superseded in sid-release on 2019-09-28
exim4 (4.92.2-2) unstable; urgency=medium

  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Sun, 08 Sep 2019 15:10:46 +0200
Superseded in stretch-release on 2020-02-08
exim4 (4.89-2+deb9u5) stretch-security; urgency=high

  * Fix remote command execution vulnerability related to
    "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006

 -- Andreas Metzler <email address hidden>  Sat, 20 Jul 2019 13:32:35 +0200
Superseded in buster-release on 2019-11-16
exim4 (4.92-8+deb10u1) buster-security; urgency=high

  * Fix remote command execution vulnerability related to
    "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006

 -- Andreas Metzler <email address hidden>  Sat, 20 Jul 2019 13:35:58 +0200
Deleted in experimental-release (Reason: None provided.)
exim4 (4.92.2-1) experimental; urgency=medium

  * New upstream security release (identical except for the version number to
    4.92.1 + 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch).
    + Drop 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch.
  * Refresh from exim-4.92.2+fixes branch:
    + 75_32-Fix-domain-for-a-bare-local-part-input.-Bug-2375.patch
    + 75_33-exim_dbmbuild-handle-0-sequence.patch
    + 75_34-fixup-exim_dbmbuild-handle-0-sequence.patch


 -- Andreas Metzler <email address hidden>  Sat, 07 Sep 2019 11:00:29 +0200
Superseded in sid-release on 2019-09-08
exim4 (4.92.1-3) unstable; urgency=high

  * 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch - Fix SNI
    related buffer overflow. CVE-2019-15846

 -- Andreas Metzler <email address hidden>  Tue, 03 Sep 2019 19:35:34 +0200
Superseded in sid-release on 2019-09-06
exim4 (4.92.1-2) unstable; urgency=medium

  * Pulled from exim-4.92+fixes branch:
    + 75_30-Fix-crash-after-TLS-channel-shutdown.patch
    + 75_31-Auth-handle-socket-read-errors-in-Dovecot-authentica.patch
  * Add Breaks: sa-exim (<< 4.2.1-17) to -heavy, see #930648.
  * Change *.logrotate to nocreate to work around #400198.
    Closes: #399930

 -- Andreas Metzler <email address hidden>  Wed, 14 Aug 2019 09:25:28 +0200
Superseded in sid-release on 2019-08-14
exim4 (4.92.1-1) unstable; urgency=low

  * New upstream bugfix release. (4.92.1 is 4.92 + the fix for CVE-2019-13917,
    so there are no source changes to the previous upload.)
    + Drop 77_Avoid-re-expansion-in-sort-CVE-2019-13917-OVE-201907.patch.
    + Use patches from exim-4.92.1+fixes branch.
  * In cron.daily use '/usr/sbin/exim4 -be '${primary_hostname}' instead of
    hostname --fqdn to get local hostname (for information purposes).
    Closes: #933231
  * Run exim4-base daily job via systemd.timer to guarantee execution after
    logrotate. Closes: #932328 (Thanks to Sven Hartge for bug-report and
    patch)
  * Add systemd-sysv as alternative for fulfilling the cron dependency.
  * Use debhelper 12 compat.

 -- Andreas Metzler <email address hidden>  Sun, 04 Aug 2019 14:28:22 +0200
Superseded in sid-release on 2019-08-04
exim4 (4.92-10) unstable; urgency=high

  * Fix remote command execution vulnerability related to
    "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006

 -- Andreas Metzler <email address hidden>  Sat, 20 Jul 2019 19:01:57 +0200
Superseded in sid-release on 2019-07-25
exim4 (4.92-9) unstable; urgency=low

  * exim4-base.cron.daily, paniclog warning mail:
    + Improve on wording. ${E4BCD_PANICLOG_LINES} only sets an upper limit
      of reported lines, there might be less lines than that in the mail.
      Closes: #929626
    + Instead of quoting the last ${E4BCD_PANICLOG_LINES} send out the last
      lines not filtered out by "$E4BCD_PANICLOG_NOISE". Closes: #929798
  * Add missing patches from exim-4.92+fixes branch, other patches renamed for
    proper order.
    + 75_11-Fix-bP-smtp_receive_timeout-.-Bug-2384.patch
    + 75_12-Fix-build-with-recent-LibreSSL-when-including-DANE.-.patch
    + 75_13-SPF-better-buld-compatibility-with-OpenBSD.patch
    + 75_15-GnuTLS-3.6.7-cipher-strings.patch
    + 75_17-Fix-listing-a-named-queue-by-a-non-admin-user.-Bug-2.patch
    + 75_21-Unbreak-heimdal_gssapi-auth-driver.patch
    + 75_22-Fix-DSN-Final-Recipient-field.patch
    + 75_23-Fix-bounce-generation-under-RFC-3461-request.-Bug-24.patch
  * 75_20-Fix-detection-of-32b-platform-at-build-time.-Bug-240.patch is now
    also from + fixes branch.
  * Tighten dependency of exim4 on daemon packages. Closes: #930519 Add
    lintian override for version-substvar-for-external-package.

 -- Andreas Metzler <email address hidden>  Fri, 05 Jul 2019 19:23:53 +0200
Superseded in buster-release on 2019-09-07
Superseded in sid-release on 2019-07-09
exim4 (4.92-8) unstable; urgency=low

  * Pulled from exim-4.92+fixes branch:
    + 75_11-GnuTLS-fix-tls_out_ocsp-under-hosts_request_ocsp.patch
      Fix expansion of $tls_out_ocsp under hosts_request_ocsp.
    + 75_12-GnuTLS-fix-the-advertising-of-acceptable-certs-by-th.patch
      When tls_verify_certificates was set to a directory instead of a file
      exim/GnuTLS would still send out the list of accepted certificates,
      This did not match documented behavior.
    + 75_13-Use-dsn_from-for-success-DSN-messages.-Bug-2404.patch
      The dsn_from option was not used for DSN success messages.
  * Pulled from upstream GIT master:
    + 75_14-Fix-smtp-response-timeout.patch
      Fix the timeout on smtp response to apply to the whole response instead
      of resetting for every byte received.
    + 75_15-Fix-detection-of-32b-platform-at-build-time.-Bug-240.patch
      https://bugs.exim.org/show_bug.cgi?id=2405
      ${eval } was broken on 32bit archs.

 -- Andreas Metzler <email address hidden>  Sat, 08 Jun 2019 17:37:43 +0200
Superseded in buster-release on 2019-06-19
Superseded in sid-release on 2019-06-08
exim4 (4.92-7) unstable; urgency=medium

  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Tue, 07 May 2019 19:44:23 +0200
Deleted in experimental-release (Reason: None provided.)
exim4 (4.92-6) experimental; urgency=medium

  * Revert 90_localscan_dlopen.dpatch removal to give Magnus some chance for
    debugging sa-exim.
  * Set HAVE_LOCAL_SCAN=yes in EDITME.
  * Upload to experimental.

 -- Andreas Metzler <email address hidden>  Tue, 16 Apr 2019 17:58:20 +0200
Superseded in sid-release on 2019-05-08
exim4 (4.92-5) unstable; urgency=medium

  * Improved spam-scanning example with accompaning information in
    README.Debian. Explicitly warn about adding the default SpamAssassin
    report in a header, which Closes: #774553
  * Drop 90_localscan_dlopen.dpatch. (It has been non-functional for a couple
    of months.) Closes: #925982 Add a Conflicts for sa-exim, which relied on
    the (working) version of the patch. Drop exim4-dev package. Add a NEWS
    entry for this change.

 -- Andreas Metzler <email address hidden>  Sun, 07 Apr 2019 13:39:31 +0200
Superseded in sid-release on 2019-05-08
exim4 (4.92-4) unstable; urgency=medium

  * Another patch from exim-4.92+fixes branch:
    75_10-Harden-plaintext-authenticator.patch

 -- Andreas Metzler <email address hidden>  Fri, 22 Mar 2019 07:15:20 +0100
Superseded in sid-release on 2019-03-22
exim4 (4.92-3) unstable; urgency=medium

  * Pull fixes from exim-4.92+fixes branch.
    + 75_05-Fix-expansions-for-RFC-822-addresses-having-comments.patch
    + 75_06-Docs-Add-note-on-lsearch-for-IPv4-mapped-IPv6-addres.patch
    + 75_07-Fix-crash-from-SRV-lookup-hitting-a-CNAME.patch
    + 75_08-Logging-fix-initial-listening-on-log-line.patch
    + 75_09-OpenSSL-Fix-aggregation-of-messages.patch

 -- Andreas Metzler <email address hidden>  Wed, 20 Mar 2019 17:01:29 +0100
Superseded in buster-release on 2019-05-10
Superseded in sid-release on 2019-03-20
exim4 (4.92-2) unstable; urgency=medium

  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Wed, 20 Feb 2019 19:23:11 +0100
Deleted in experimental-release (Reason: None provided.)
exim4 (4.92-1) experimental; urgency=medium

  * Point watchfile to release directory again.
  * New upstream stable release, identical to rc6 except for the version
    string.
  * Pull fixes from exim-4.92+fixes branch.
    + 75_01-Fix-json-extract-operator-for-unfound-case.patch
    + 75_02-Fix-transport-buffer-size-handling.patch
    + 75_03-Fix-info-on-using-local_scan-in-the-default-Makefile.patch
    + 75_04-GnuTLS-Fix-client-detection-of-server-reject-of-clie.patch
  * Upload to experimental while waiting for rc6 to migrate.

 -- Andreas Metzler <email address hidden>  Sun, 17 Feb 2019 13:13:55 +0100
Superseded in buster-release on 2019-03-03
Superseded in sid-release on 2019-02-21
exim4 (4.92~RC6-1) unstable; urgency=low

  * New upstream snapshot rc6, includes
    40_01-Fix-dkim_verify_signers-option.-Bug-2366.patch.

 -- Andreas Metzler <email address hidden>  Sat, 09 Feb 2019 14:33:15 +0100
Superseded in buster-release on 2019-02-20
Superseded in sid-release on 2019-02-10
exim4 (4.92~RC5-2) unstable; urgency=high

  * In init script use start-stop-daemon directly instead of lsb-base's
    killproc which currently fails to pass on the executable name to s-s-d
    (921558). This broke with s-s-d 1.19.2 which (for security reasons)
    requires further filtering arguments in addition to --pidfile when the pid
    file is not owned by root. Closes: #921205

 -- Andreas Metzler <email address hidden>  Thu, 07 Feb 2019 18:42:41 +0100
Superseded in buster-release on 2019-02-10
Superseded in sid-release on 2019-02-08
exim4 (4.92~RC5-1) unstable; urgency=medium

  * New upstream snapshot rc5.
  * 40_01-Fix-dkim_verify_signers-option.-Bug-2366.patch: dkim_verify_signers
    was ignored.

 -- Andreas Metzler <email address hidden>  Thu, 31 Jan 2019 19:25:03 +0100
Superseded in buster-release on 2019-02-03
Superseded in sid-release on 2019-02-01
exim4 (4.92~RC4-3) unstable; urgency=medium

  * Refresh debian/upstream/signing-key.asc from
    https://downloads.exim.org/Exim-Maintainers-Keyring.asc.
  * Drop outdated pointers to alioth package homepage from README.Debian.
  * Update exim4-config Breaks to enforce upgrade to daemon binary package
    with DANE support. Closes: #919902
  * [lintian] Minimize upstream/signing-key.asc.

 -- Andreas Metzler <email address hidden>  Sun, 20 Jan 2019 17:52:39 +0100
Superseded in buster-release on 2019-01-23
Superseded in sid-release on 2019-01-21
exim4 (4.92~RC4-2) unstable; urgency=medium

  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Sat, 05 Jan 2019 15:35:38 +0100
Deleted in experimental-release (Reason: None provided.)
exim4 (4.92~RC4-1) experimental; urgency=low

  * New upstream version.
    + Drop 75_GnuTLS-repeat-lowlevel-read-and-write-operations-whi.patch.
    + Unfuzz patches.

 -- Andreas Metzler <email address hidden>  Mon, 31 Dec 2018 13:13:45 +0100
Superseded in buster-release on 2019-01-08
Superseded in sid-release on 2019-01-06
exim4 (4.92~RC3-1) unstable; urgency=low

  * Add 75_GnuTLS-repeat-lowlevel-read-and-write-operations-whi.patch from
    upstream GIT master, fixing outgoing TLS 1.3.
    https://bugs.exim.org/show_bug.cgi?id=2359
  * New upstream version.
  * Upload to unstable.

 -- Andreas Metzler <email address hidden>  Wed, 26 Dec 2018 16:07:52 +0100
Deleted in experimental-release (Reason: None provided.)
exim4 (4.92~RC2-1) experimental; urgency=low

  * New upstream version.
    + Drop 75_01-Fix-parsing-of-option-type-Kint-integer-stored-in-K-.patch

 -- Andreas Metzler <email address hidden>  Tue, 18 Dec 2018 19:20:24 +0100
Superseded in experimental-release on 2018-12-19
exim4 (4.92~RC1-1) experimental; urgency=low

  * Update upstream/signing-key.asc from
    https://ftp.exim.org/pub/exim/Exim-Maintainers-Keyring.asc, adding
    96E4754B8F93C1B239F1A95785BCF7AC6735A680 while removing
    1F9C181B1E83D2099F02C95AC4F4F94804D29EBA and
    FAA1C7F9CD077DC4304BC0C885AB833FDDC03262.
  * New upstream release candidate:
    + Point watchfile to test subdir.
    + Update watchfile to handle -RC1 in addition to _RC1.
    + Drop 75_fixes*.patch.
    + Unfuzz 32_exim4.dpatch and 90_localscan_dlopen.dpatch
    + Update configuration from upstream example, except for
      tls_sni/tls_require_ciphers settings on remote_smtp_smarthost transport:
      * Enable dns_dnssec_ok.
      * Set dnssec_request_domains = * on dnslookup and
        dnslookup_relay_to_domains routers.
      * Set hosts_try_dane = */dnssec_request_domains = * on remote_smtp
        transport unless REMOTE_SMTP_DISABLE_DANE is set.
      * Set multi_domain on remote_smtp_smarthost transport.
  * Post release updates:
    + 75_01-Fix-parsing-of-option-type-Kint-integer-stored-in-K-.patch

 -- Andreas Metzler <email address hidden>  Sat, 15 Dec 2018 16:24:54 +0100
Superseded in buster-release on 2019-01-03
Superseded in sid-release on 2018-12-26
exim4 (4.91-9) unstable; urgency=low

  * Run "wrap-and-sort --max-line-length=72 --short-indent" and add back
    autodeleted comments.
  * Update from exim-4_91+fixes branch:
    + 75_fixes_26-Fix-bad-use-of-library-copying-string-over-itself.patch
    + 75_fixes_27-Fix-cyrus-sasl-authenticator-for-authenticated_fail_.patch
    + 75_fixes_28-Avoid-leaving-domain-live-with-bogus-info-during-ser.patch
    + 75_fixes_29-Fix-AUTH_GSASL-build.patch
    + 75_fixes_30-Harden-string-list-handling.patch

 -- Andreas Metzler <email address hidden>  Thu, 06 Dec 2018 19:19:38 +0100
Superseded in buster-release on 2018-12-16
Superseded in sid-release on 2018-12-07
exim4 (4.91-8) unstable; urgency=low

  [ Andreas Metzler ]
  * Update from exim-4_91+fixes branch:
    + 75_fixes_18-Restore-Darwin-OS-configuration.patch
    + 75_fixes_20-Fix-filter-noerror-command.-Bug-2318.patch
    + 75_fixes_21-DANE-fix-TA-mode-verify-under-GnuTLS.-Bug-2311.patch
    + 75_fixes_22-Testsuite-track-newer-GnuTLS-behaviour.patch
    + 75_fixes_24-DANE-ignore-undersized-TLSA-records.patch
    + 75_fixes_25-Logging-do-not-log-a-missing-proxy-address-on-delive.patch

  [ Marc Haber ]
  * Move definition of CHECK_RCPT_*_LOCALPARTS macro to acl file proper.

 -- Andreas Metzler <email address hidden>  Sat, 29 Sep 2018 19:08:52 +0200
Superseded in buster-release on 2018-10-07
Superseded in sid-release on 2018-09-30
exim4 (4.91-7) unstable; urgency=low

  * Update from exim-4_91+fixes branch:
    + 75_fixes_16-Fix-non-EVENTS-build.patch
    + 75_fixes_17-Fix-cutthrough-delivery-for-more-than-one-iteration-.patch

 -- Andreas Metzler <email address hidden>  Sun, 26 Aug 2018 11:33:15 +0200
Superseded in buster-release on 2018-09-02
Superseded in sid-release on 2018-08-26
exim4 (4.91-6) unstable; urgency=low

  * Update from exim-4_91+fixes branch:
    + 75_fixes_13-DKIM-Fix-signing-for-body-lines-starting-with-a-pair.patch
    + 75_fixes_14-ARC-Fix-verification-to-do-AS-checks-in-reverse-orde.patch
    + 75_fixes_15-I18N-Fix-protocol-recorded-for-a-multi-SMTPUTF8-mess.patch
  * [lintian] Do not run mininal testsuite with DEB_BUILD_OPTIONS=nocheck.
    (override_dh_auto_test-does-not-check-DEB_BUILD_OPTIONS)

 -- Andreas Metzler <email address hidden>  Fri, 20 Jul 2018 11:21:24 +0200
Published in jessie-release on 2018-06-23
exim4 (4.84.2-2+deb8u5) jessie-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix base64d() buffer size (CVE-2018-6789) (Closes: #890000)

 -- Salvatore Bonaccorso <email address hidden>  Sat, 10 Feb 2018 10:16:21 +0100
175 of 268 results