-
exim4 (4.96-17ubuntu2.2) mantic-security; urgency=medium
* SECURITY UPDATE: SMTP smuggling
- debian/patches/CVE-2023-51766-1.patch: Reject "dot, LF" as
ending data phase in src/receive.c, src/smtp_in.c.
- debian/patches/CVE-2023-51766-2.patch: use enum for body data
input state-machine in src/receive.c.
- debian/patches/CVE-2023-51766-3.patch: fix in src/receive.c.
- CVE-2023-51766
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 11 Jan 2024 12:40:18 -0300
-
exim4 (4.96-17ubuntu2.1) mantic-security; urgency=medium
* SECURITY UPDATE: remote code execution
- debian/patches/CVE-2023-42117.patch: fixed string_is_ip_address()
in string.c
- CVE-2023-42117
* SECURITY UPDATE: information disclosure
- debian/patches/CVE-2023-42119.patch: hardened dnsdb.c against
crafted DNS responses.
- CVE-2023-42119
-- Allen Huang <email address hidden> Wed, 25 Oct 2023 01:21:02 +0100
-
exim4 (4.96-17ubuntu2) mantic; urgency=medium
* SECURITY UPDATE: information disclosure
- debian/patches/CVE-2023-42114.patch: fix possible OOB read in
SPA authenticator
- CVE-2023-42114
* SECURITY UPDATE: remote code execution
- debian/patches/CVE-2023-42115.patch: fix possible OOB write in
external authenticator
- CVE-2023-42115
* SECURITY UPDATE: remote code execution
- debian/patches/CVE-2023-42116.patch: fix possible OOB write in
SPA authenticator
- CVE-2023-42116
* debian/patches/CVE-2023-42114_15_16.patch:
- use uschar more in spa authenticator
-- Allen Huang <email address hidden> Tue, 03 Oct 2023 14:35:45 +0100
-
exim4 (4.96-17ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2030098). Remaining changes:
- Disable external SPF support to avoid Build-Depends on libspf2-dev
(only available in universe). SPF can still be implemented via
spf-tools-perl, as documented in exim4.conf.template. This reverts
Vcs-Git commit 494f1fe, first released in 4.95~RC0-1.
(LP #1952738)
+ d/control: drop Build-Depends on libspf2-dev.
+ d/EDITME.exim4-heavy.diff: disable support for libspf2.
+ d/d/c/a/30_exim4-config_check_rcpt: restore SPF logic based
on spfquery.mail-spf-perl from spf-tools-perl, but without
the previously supported helo detection.
- Show Ubuntu distribution in SMTP banner
+ d/p/fix_smtp_banner.patch: Show Ubuntu distribution
in SMTP banner.
+ Build-Depends on lsb-release to detect Distribution.
* Dropped:
- d/p/fix-run--arg-parsing.patch: Fix argument parsing for ${run }
expansion. Previously, when an argument included a close-brace
character (e.g. it itself used an expansion) an error occurred.
(LP #1998678)
[Accepted by Debian in 4.96-16]
-- Bryce Harrington <email address hidden> Fri, 04 Aug 2023 20:28:47 -0700
-
exim4 (4.96-15ubuntu2) mantic; urgency=medium
* d/p/fix-run--arg-parsing.patch: Fix argument parsing for ${run }
expansion. Previously, when an argument included a close-brace
character (e.g. it itself used an expansion) an error occurred.
(LP: #1998678)
* d/d/c/a/30_exim4-config_check_rcpt: In SPF config snippet,
drop support for helo scope.
-- Bryce Harrington <email address hidden> Wed, 07 Jun 2023 22:28:04 -0700
-
exim4 (4.96-15ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2018070). Remaining changes:
- Show Ubuntu distribution in SMTP banner
+ d/p/fix_smtp_banner.patch: Show Ubuntu distribution
in SMTP banner.
+ Build-Depends on lsb-release to detect Distribution.
- Disable external SPF support to avoid Build-Depends on libspf2-dev
(only available in universe). SPF can still be implemented via
spf-tools-perl, as documented in exim4.conf.template. This reverts
Vcs-Git commit 494f1fe, first released in 4.95~RC0-1.
+ d/control: drop Build-Depends on libspf2-dev.
+ d/d/c/a/30_exim4-config_check_rcpt: restore SPF logic based
on spfquery.mail-spf-perl from spf-tools-perl.
+ d/EDITME.exim4-heavy.diff: disable support for libspf2.
-- Mitchell Dzurick <email address hidden> Fri, 19 May 2023 13:32:18 -0700
-
exim4 (4.96-14ubuntu1) lunar; urgency=medium
* Merge with Debian unstable (LP: #2008016). Remaining changes:
- Show Ubuntu distribution in SMTP banner
+ d/p/fix_smtp_banner.patch: Show Ubuntu distribution
in SMTP banner.
+ Build-Depends on lsb-release to detect Distribution.
- Disable external SPF support to avoid Build-Depends on libspf2-dev
(only available in universe). SPF can still be implemented via
spf-tools-perl, as documented in exim4.conf.template. This reverts
Vcs-Git commit 494f1fe, first released in 4.95~RC0-1.
+ d/control: drop Build-Depends on libspf2-dev.
+ d/d/c/a/30_exim4-config_check_rcpt: restore SPF logic based
on spfquery.mail-spf-perl from spf-tools-perl.
+ d/EDITME.exim4-heavy.diff: disable support for libspf2.
-- Bryce Harrington <email address hidden> Tue, 21 Feb 2023 19:52:34 +0000
