Author: Artur Rona
Revision Date: 2015-09-17 13:18:20 UTC

* Merge from Debian unstable. (LP: #1485369) Remaining changes:
  - debian/control, debian/patches/fix_smtp_banner.patch:
    + Show Ubuntu distribution in SMTP banner.
    + Build-Depends on lsb-release.

Author: Artur Rona
Revision Date: 2015-09-17 13:18:20 UTC

* Merge from Debian unstable. (LP: #1485369) Remaining changes:
  - debian/control, debian/patches/fix_smtp_banner.patch:
    + Show Ubuntu distribution in SMTP banner.
    + Build-Depends on lsb-release.

Author: Artur Rona
Revision Date: 2015-03-19 00:15:40 UTC

* Merge from Debian unstable. (LP: #1434300) Remaining changes:
  - debian/control, debian/patches/fix_smtp_banner.patch:
    + Show Ubuntu distribution in SMTP banner.
    + Build-Depends on lsb-release.
  - debian/control:
    + Don't provide default-mta; in Ubuntu,
      we want postfix to be the default.

Author: Artur Rona
Revision Date: 2015-03-19 00:15:40 UTC

* Merge from Debian unstable. (LP: #1434300) Remaining changes:
  - debian/control, debian/patches/fix_smtp_banner.patch:
    + Show Ubuntu distribution in SMTP banner.
    + Build-Depends on lsb-release.
  - debian/control:
    + Don't provide default-mta; in Ubuntu,
      we want postfix to be the default.

Author: Colin Watson
Revision Date: 2014-08-21 12:18:13 UTC

Rebuild for Perl 5.20.0.

Author: Colin Watson
Revision Date: 2014-08-21 12:18:13 UTC

Rebuild for Perl 5.20.0.

Author: Martin Pitt
Revision Date: 2014-02-25 17:33:13 UTC

debian/tests/control: Add missing python test dependency, as
debian/tests/security calls python.

Author: Martin Pitt
Revision Date: 2014-02-25 17:33:13 UTC

debian/tests/control: Add missing python test dependency, as
debian/tests/security calls python.

Author: Yolanda Robla
Revision Date: 2013-06-20 15:47:24 UTC

debian/patches/fix_smtp_banner.patch: updated SMTP banner
with Ubuntu distribution

Author: Yolanda Robla
Revision Date: 2013-06-18 19:17:43 UTC

* debian/patches/fix_smtp_banner.patch: updated SMTP banner
  with Ubuntu distribution
* debian/control: added lsb-release build dependency

Author: Yolanda Robla
Revision Date: 2013-06-18 19:17:43 UTC

* debian/patches/fix_smtp_banner.patch: updated SMTP banner
  with Ubuntu distribution
* debian/control: added lsb-release build dependency

Author: Yolanda Robla
Revision Date: 2013-05-23 13:17:37 UTC

fixing wrong comment

Author: Robie Basak
Revision Date: 2013-04-08 18:13:15 UTC

* Merge from Debian unstable (LP: #1166383). Remaining changes:
  - debian/control: Don't declare a Provides: default-mta; in Ubuntu,
    we want postfix to be the default.

Author: Robie Basak
Revision Date: 2013-04-08 18:13:15 UTC

* Merge from Debian unstable (LP: #1166383). Remaining changes:
  - debian/control: Don't declare a Provides: default-mta; in Ubuntu,
    we want postfix to be the default.

Author: urusha
Revision Date: 2012-12-12 16:05:42 UTC

Increase smtp_cmd_buffer_size to 16384 (upstream bug #879, fixed in 4.77).
This allows using smtp kerberos/gssapi auth against AD/samba4 on windows.
(LP: #1088136)

Author: urusha
Revision Date: 2012-12-12 16:05:42 UTC

Increase smtp_cmd_buffer_size to 16384 (upstream bug #879, fixed in 4.77).
This allows using smtp kerberos/gssapi auth against AD/samba4 on windows.
(LP: #1088136)

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:22:46 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:22:46 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:26:32 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:27:56 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:27:56 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:48:31 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:48:31 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:29:01 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Marc Deslauriers
Revision Date: 2012-10-25 08:29:01 UTC

* SECURITY UPDATE: arbitrary code execution via dns decode logic
  - debian/patches/CVE-2012-5671.patch: adjust max length and validate
    against it in src/pdkim/pdkim.h, src/dkim.c.
  - CVE-2012-5671

Author: Clint Byrum
Revision Date: 2012-06-14 15:28:08 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/control: Don't declare a Provides: default-mta; in Ubuntu,
    we want postfix to be the default.

Author: Clint Byrum
Revision Date: 2011-11-23 23:29:35 UTC

Rebuild for libmysqlclient transition

Author: Stéphane Graber
Revision Date: 2011-05-30 17:48:56 UTC

* Merge from debian unstable. Remaining changes:
  - debian/control: Don't declare a Provides: default-mta; in Ubuntu,
    we want postfix to be the default.

Author: Marc Deslauriers
Revision Date: 2011-05-24 15:47:21 UTC

* SECURITY UPDATE: arbitrary code execution via DKIM identities
  - debian/patches/86_CVE-2011-1407.patch: don't use match_isinlist() for
    simple string list matching in src/receive.c.
  - CVE-2011-1407

Author: Marc Deslauriers
Revision Date: 2011-05-24 15:47:21 UTC

* SECURITY UPDATE: arbitrary code execution via DKIM identities
  - debian/patches/86_CVE-2011-1407.patch: don't use match_isinlist() for
    simple string list matching in src/receive.c.
  - CVE-2011-1407

Author: Marc Deslauriers
Revision Date: 2011-02-08 13:41:17 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024
* debian/rules: disable debconf-updatepo so the security update doesn't
  alter translations.

Author: Artur Rona
Revision Date: 2011-02-09 21:31:35 UTC

* Merge from debian experimental. Remaining changes: (LP: #713855)
  - debian/patches/71_exiq_grep_error_on_messages_without_size.patch:
    + Improve handling of broken messages when "exim4 -bp" (mailq)
      reports lines without size info. (Closes: #528625)
  - debian/control: Don't declare a Provides: default-mta; in Ubuntu,
    we want postfix to be the default.
  - debian/{control,rules}: Add and enable hardened build for PIE.
    (Closes: #542726)
* Update 71_exiq_grep_error_on_messages_without_size.patch to get way
  which upstream has fixed it. Probably it can be dropped with next
  upstream release.
* This upload fixes CVE: (LP: #708023)
  - CVE-2011-0017

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:51:38 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:19:27 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024
* debian/rules: disable debconf-updatepo so the security update doesn't
  alter translations.

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:51:38 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:19:27 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024
* debian/rules: disable debconf-updatepo so the security update doesn't
  alter translations.

Author: Marc Deslauriers
Revision Date: 2011-02-08 13:41:17 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional damon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024
* debian/rules: disable debconf-updatepo so the security update doesn't
  alter translations.

Author: Artur Rona
Revision Date: 2010-07-25 02:00:42 UTC

* Merge with Debian unstable (LP: #609620). Remaining changes:
  + debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch:
    Improve handling of broken messages when "exim4 -bp" (mailq) reports
    lines without size info.
  + Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be
    the default.
  + debian/control: Change build dependencies to MySQL 5.1.
  + debian/{control,rules}: add and enable hardened build for PIE
    (Closes: #542726).

Author: Paul Elliott
Revision Date: 2010-03-31 22:03:05 UTC

debian/exim4-base.exim4.init: Fix 'reload' action so that it
doesn't just stop the daemon (LP: #252686)

Author: Michael Bienia
Revision Date: 2010-01-01 16:28:19 UTC

* Merge with Debian unstable (lp: #501657). Remaining changes:
  + debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch:
    Improve handling of broken messages when "exim4 -bp" (mailq) reports
    lines without size info.
  + Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be
    the default.
  + debian/control: Change build dependencies to MySQL 5.1.
  + debian/{control,rules}: add and enable hardened build for PIE
    (Debian bug 542726).

Author: Kees Cook
Revision Date: 2009-08-20 17:33:26 UTC

debian/{control,rules}: add and enable hardened build for PIE
(Debian bug 542726).

Author: Dustin Kirkland 
Revision Date: 2009-02-11 06:43:52 UTC

[ Daniel van Eeden <launchpad@myname.nl> ]
debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch:
Improve handling of broken messages when "exim4 -bp" (mailq) reports lines
w/o size info, LP: #18194

Author: Steve Kowalik
Revision Date: 2008-10-11 01:28:14 UTC

No-change rebuild for libgnutls13 -> libgnutls26 transistion.

Author: Marc Haber
Revision Date: 2008-01-30 09:26:56 UTC

[ Marc Haber ]
* update-exim4.conf: fix bashism echo -n in preprocess_macro.
  Thanks to Michal Politowski. Closes: #462173

[ Christian Perrier ]
* Debconf translations updates:
  - German. Thanks to Eric Schanze. Closes: #462673

[Andreas Metzler]
* Add missing .P to exim_db.8 to fix indenting. (Thanks, David L. Anselmi)
  Closes: #462712
* Add (disabled) patch to save random seed to a file

Author: LaMont Jones
Revision Date: 2007-10-04 12:06:21 UTC

Trigger rebuild for hppa

Author: Martin Pitt
Revision Date: 2007-01-15 16:23:54 UTC

No-change upload for the libpq4->libpq5 transition.

Author: Marc Haber
Revision Date: 2006-06-24 08:56:19 UTC

* Move explanation about using ";" as separator in lists from debian/NEWS to
  debian/exim4-config.NEWS. (The former ends up as
  /usr/share/doc/eximon4/NEWS.Debian.gz.) Also fix version-number of
  entry. (am)
* have ue4.conf --verbose print split or non-split config.
  Thanks to Florian Laws. (mh)
* Mention http://pkg-exim4.alioth.debian.org/ in package description.
  Thanks to Florian Laws. (mh)
* Mention in package description that README.Debian has information
  about how to configure the Debian packages.
* /etc/init.d/exim4: parse extended inetd.conf syntax from
  openbsd-inetd. (mh) Closes: #365928
* New th (thai) translation.
  Thanks to Theppitak Karoonboonyanan. (mh) Closes: #367351
* New dz (Dzongkha) translation.
  Thanks to Pema Geyleg. (am) Closes: #368593
* New ne (Nepali) translation.
  Thanks to Paras pradhan. (am) Closes: #369526
* New eo (Esperanto) translation.
  Thanks to Serge Leblanc. (am) Closes: #369241
* Updated hu (hungarian) translation.
  Thanks to Attila Szervac. (am) Closes: #374616
* Make documentation of CHECK_RCPT_LOCAL_LOCALPARTS and
  CHECK_RCPT_REMOTE_LOCALPARTS more verbose and concentrate it in the
  ACL file. Thanks to Klaus Muth. (mh) Closes: #366491
* README.Debian.xml (mh)
  * Add new section documenting where to find documentation.
  * Move misplaced sentence.
  * Fix spelling errors in README.Debian.
    Thanks to Salvatore Bonaccorso. Closes: #366003
    Thanks to Ross Boylan. Closes: #374216
  * remove "you can stop reading now" sentence.
    Thanks to David Lawyer. Closes: #370790
  * Mention Debian-specific man pages
  * Give instructions about how to use apropos to find out about man
    pages.
* Documentation changes inspired by Ross Boylan. Closes: #369126
  * Add exim4-config_files(5) man page to aid as repository for file
    explanations.
    * /etc/email-addresses
    * /etc/exim4/local_host_blacklist
    * /etc/exim4/local_host_whitelist
    * /etc/exim4/local_sender_blacklist
    * /etc/exim4/local_sender_whitelist
    * /etc/exim4/local_sender_callout
    * /etc/exim4/local_rcpt_callout
    * /etc/exim4/local_domain_dnsbl_whitelist
    * /etc/exim4/hubbed_hosts
    * /etc/exim4/passwd
    * /etc/exim4/passwd.client
    * /etc/exim4/exim.crt
    * /etc/exim4/exim.key
    If you find any files that might be missing in the man page,
    please report a bug.
  * mention exim4-config_files(5) in update-exim4.conf.8
  * Explicitly mention README.Debian in exim man page.
  * Remove /usr/share/doc/exim4-config/default_acl, move contents to
    README.Debian and exim4-config_files.
* remove empty /usr/share/doc/exim4-config/examples.
* clarify docs in RCPT ACL.
* streamline docs:
  * hubbed_hosts router.
  * passwd.client.
  * server side authentication examples
* Standard-Version: 3.7.2, no changes necessary.

Author: Daniel Silverstone
Revision Date: 2006-04-13 11:32:52 UTC

Replace 37_dns_disable_additional_section with the upstream
sanctioned patch for this behaviour and turn it on.
Closes: launchpad #26820

Author: Martin Pitt
Revision Date: 2006-06-02 12:43:14 UTC

* SECURITY UPDATE: database SQL injection in certain client encodings.
* Add debian/patches/71_sql_quote_escaping.dpatch:
  - src/lookups/{my,pg}sql.c: In the string quoting functions, quote ' as
    '', not as \'. \' can be abused for SQL injection in some encodings, and
    '' is SQL standard anyway.
* CVE-2006-2314 (for PostgreSQL), CVE-2006-2753 (for MySQL)

Author: Marc Haber
Revision Date: 2005-07-02 06:08:34 UTC

* new upstream version 4.51. (mh)
  * adapt 70_remove_exim-users_references
  * remove 37_gnutlsparams
  * adapt 36_pcre
  * adapt 31_eximmanpage
* fix package priorities to have them in sync with override again. (mh)
* Fix error in nb (Norwegian) translation.
  Thanks to Helge Hafting. (mh). Closes: #315775
* Standards-Version: 3.6.2, no changes needed. (mh)

Author: Martin Pitt
Revision Date: 2006-06-02 13:01:28 UTC

* SECURITY UPDATE: database SQL injection in certain client encodings.
* Add debian/patches/71_sql_quote_escaping.dpatch:
  - src/lookups/{my,pg}sql.c: In the string quoting functions, quote ' as
    '', not as \'. \' can be abused for SQL injection in some encodings, and
    '' is SQL standard anyway.
* CVE-2006-2314 (for PostgreSQL), CVE-2006-2753 (for MySQL)

Author: Andreas Metzler
Revision Date: 2005-01-05 10:39:03 UTC

* urgency high because this upload fixes two minor security issues.
* more documentation for dc_localdelivery in update-exim4.conf.8.
* Move slightly more expensive tests in rcpt ACL further down. (This only
  changes commented out example code.) (Closes: #267708)
* Fix 62_statvfs to work with older versions of dpatch. (Closes: #286302)
* Version dpatch build-dependency to safeguard against reintroducing this
  bug.
* In comment point out that using saslauthd for SMTP AUTH requires giving
  exim privileges to use it.
* New patch 66_can2005-0021_can2005-0022.dpatch from
  http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html
  fixing two buffer overflows labeled CAN-2005-0021 and CAN-2005-0022
  (mh/am).

Author: Martin Pitt
Revision Date: 2005-01-07 12:18:05 UTC

* SECURITY UPDATE: fix several buffer overflows
* Added patch 66_can2005-0021_can2005-0022.dpatch (backported from Hoary/Sid
  version 4.34-10):
  - src/host.c, host_aton(): check input IPv6 address length and die if it
    is too long (CAN-2005-0021); input to this function is supposed to be
    checked already, but there was at least one case where this function got
    an unchecked value, so this is a fallback test
  - src/lookups/dnsdb.c, dnsdb_find(): check that PTR record value is really
    an IPv6 address (to avoid ungraceful die in later check in host_aton()
    function)
  - src/auths/auth-spa.[hc], spa_base64_to_bits(): add an output length
    buffer argument, check output buffer length while writing it to avoid
    overflow (CAN-2005-0022)
* References:
  CAN-2005-0021
  CAN-2005-0022
  http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html

Author: Fabio Massimo Di Nitto
Revision Date: 2004-08-12 12:22:48 UTC

* Syncing package from Debian.
* Revert Build-Dep to libgnutls10-dev.