Merge ~bryce/ubuntu/+source/exim4:merge-v4.93-13-focal into ubuntu/+source/exim4:debian/sid
- Git
- lp:~bryce/ubuntu/+source/exim4
- merge-v4.93-13-focal
- Merge into debian/sid
Status: | Merged |
---|---|
Approved by: | Bryce Harrington |
Approved revision: | 0676a4554d7029c31fe71f039b1bb6c43311f17e |
Merge reported by: | Christian Ehrhardt |
Merged at revision: | 0676a4554d7029c31fe71f039b1bb6c43311f17e |
Proposed branch: | ~bryce/ubuntu/+source/exim4:merge-v4.93-13-focal |
Merge into: | ubuntu/+source/exim4:debian/sid |
Diff against target: |
1175 lines (+804/-2) 4 files modified
debian/changelog (+746/-0) debian/control (+4/-2) debian/patches/fix_smtp_banner.patch (+53/-0) debian/patches/series (+1/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Christian Ehrhardt (community) | Approve | ||
Canonical Server | Pending | ||
Review via email: mp+381342@code.launchpad.net |
Commit message
Description of the change
Merges in a handful of bug fixes from Debian:
* Update from exim-4.93+fixes:
- 74_29-Fix-
+ https:/
+ Fix $mime_part_count. When a single connection had a non-mime
message following a mime one, the variable was not reset.
- 74_31-Taint-
+ https:/
+ Refines tainted input checking for urf8 characters
- 74_32-Fix-
+ https:/
+ Fix spurious detection of timeout while writing to transport filter.
- 74_33-Fix-
+ https:/
+ Fixes a crash that occurs in taint checking when sender_address is null
* [lintian] Move eximon.bin from /usr/lib/exim4 to /usr/libexec/exim4.
I've code-reviewed each of the above patches and they look safe and worth inclusion for focal.
PPA available for testing is at:
https:/
Usual tags pushed.
Bryce Harrington (bryce) wrote : | # |
Thanks, uploaded:
stirling:
stirling:
Enumerating objects: 26, done.
Counting objects: 100% (26/26), done.
Delta compression using up to 12 threads
Compressing objects: 100% (19/19), done.
Writing objects: 100% (20/20), 8.27 KiB | 941.00 KiB/s, done.
Total 20 (delta 14), reused 1 (delta 1)
To ssh://git.
* [new tag] upload/
stirling:
Checking signature on .changes
gpg: ../exim4_
Checking signature on .dsc
gpg: ../exim4_
Uploading to ubuntu (via ftp to upload.ubuntu.com):
Uploading exim4_4.
Uploading exim4_4.
Uploading exim4_4.
Uploading exim4_4.
Uploading exim4_4.
Successfully uploaded packages.
Lucas Kanashiro (lucaskanashiro) wrote : | # |
It already migrated to focal.
Preview Diff
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index 1a3147a..43c5f93 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,12 @@ |
6 | +exim4 (4.93-13ubuntu1) focal; urgency=medium |
7 | + |
8 | + * Merge with Debian unstable. Remaining changes: |
9 | + - Show Ubuntu distribution in SMTP banner |
10 | + + Build-Depends on lsb-release to detect Distribution. |
11 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
12 | + |
13 | + -- Bryce Harrington <bryce@canonical.com> Fri, 27 Mar 2020 16:00:03 -0700 |
14 | + |
15 | exim4 (4.93-13) unstable; urgency=medium |
16 | |
17 | * Update from exim-4.93+fixes: |
18 | @@ -9,6 +18,15 @@ exim4 (4.93-13) unstable; urgency=medium |
19 | |
20 | -- Andreas Metzler <ametzler@debian.org> Sat, 21 Mar 2020 11:39:19 +0100 |
21 | |
22 | +exim4 (4.93-12ubuntu1) focal; urgency=medium |
23 | + |
24 | + * Merge with Debian unstable. Remaining changes: |
25 | + - Show Ubuntu distribution in SMTP banner |
26 | + + Build-Depends on lsb-release to detect Distribution. |
27 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
28 | + |
29 | + -- Bryce Harrington <bryce@canonical.com> Fri, 13 Mar 2020 14:25:38 -0700 |
30 | + |
31 | exim4 (4.93-12) unstable; urgency=low |
32 | |
33 | * Update from exim-4.93+fixes: |
34 | @@ -24,6 +42,15 @@ exim4 (4.93-12) unstable; urgency=low |
35 | |
36 | -- Andreas Metzler <ametzler@debian.org> Sat, 29 Feb 2020 15:53:44 +0100 |
37 | |
38 | +exim4 (4.93-11ubuntu1) focal; urgency=medium |
39 | + |
40 | + * Merge with Debian unstable. Remaining changes: |
41 | + - Show Ubuntu distribution in SMTP banner |
42 | + + Build-Depends on lsb-release to detect Distribution. |
43 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
44 | + |
45 | + -- Bryce Harrington <bryce@canonical.com> Wed, 26 Feb 2020 02:34:11 +0000 |
46 | + |
47 | exim4 (4.93-11) unstable; urgency=medium |
48 | |
49 | * Update from exim-4.93+fixes: |
50 | @@ -43,6 +70,15 @@ exim4 (4.93-10) unstable; urgency=medium |
51 | |
52 | -- Andreas Metzler <ametzler@debian.org> Sat, 01 Feb 2020 11:06:29 +0100 |
53 | |
54 | +exim4 (4.93-9ubuntu1) focal; urgency=medium |
55 | + |
56 | + * Merge with Debian unstable (LP: #1860051). Remaining changes: |
57 | + - Show Ubuntu distribution in SMTP banner |
58 | + - Build-Depends on lsb-release to detect Distribution. |
59 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
60 | + |
61 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 17 Jan 2020 09:39:13 +0100 |
62 | + |
63 | exim4 (4.93-9) unstable; urgency=medium |
64 | |
65 | * Add 74_22-Taint-hybrid-checking-mode.patch. |
66 | @@ -162,6 +198,25 @@ exim4 (4.93~RC3-1) unstable; urgency=low |
67 | |
68 | -- Andreas Metzler <ametzler@debian.org> Sun, 17 Nov 2019 11:37:15 +0100 |
69 | |
70 | +exim4 (4.93~RC2-1ubuntu1) focal; urgency=medium |
71 | + |
72 | + * Merge with Debian unstable. Remaining changes: |
73 | + - Show Ubuntu distribution in SMTP banner |
74 | + + Build-Depends on lsb-release to detect Distribution. |
75 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
76 | + * Dropped: |
77 | + - SECURITY UPDATE: remote command execution |
78 | + + d/p/CVE-2019-15846.patch: ensure not to interpret '\\' |
79 | + before '\0' in src/string.c |
80 | + + CVE-2019-15846 |
81 | + [Now in upstream as of 4.92.2-1] |
82 | + - SECURITY UPDATE: heap-based buffer overflow in string_vformat |
83 | + + debian/patches/CVE-2019-16928.patch: fix overflow in src/string.c. |
84 | + + CVE-2019-16928 |
85 | + [Now upstream as of 4.92.3-1] |
86 | + |
87 | + -- Bryce Harrington <bryce@canonical.com> Wed, 13 Nov 2019 18:56:58 -0800 |
88 | + |
89 | exim4 (4.93~RC2-1) unstable; urgency=low |
90 | |
91 | * New upstream beta version. |
92 | @@ -318,6 +373,42 @@ exim4 (4.92.1-2) unstable; urgency=medium |
93 | |
94 | -- Andreas Metzler <ametzler@debian.org> Wed, 14 Aug 2019 09:25:28 +0200 |
95 | |
96 | +exim4 (4.92.1-1ubuntu4) focal; urgency=medium |
97 | + |
98 | + * No-change rebuild for the perl update. |
99 | + |
100 | + -- Matthias Klose <doko@ubuntu.com> Fri, 18 Oct 2019 19:27:29 +0000 |
101 | + |
102 | +exim4 (4.92.1-1ubuntu3) eoan; urgency=medium |
103 | + |
104 | + * SECURITY UPDATE: heap-based buffer overflow in string_vformat |
105 | + - debian/patches/CVE-2019-16928.patch: fix overflow in src/string.c. |
106 | + - CVE-2019-16928 |
107 | + |
108 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Sat, 28 Sep 2019 11:05:50 -0400 |
109 | + |
110 | +exim4 (4.92.1-1ubuntu2) eoan; urgency=medium |
111 | + |
112 | + * SECURITY UPDATE: remote command execution |
113 | + - debian/patches/CVE-2019-15846.patch: ensure not to interpret '\\' |
114 | + before '\0' in src/string.c |
115 | + - CVE-2019-15846 |
116 | + |
117 | + -- Alex Murray <alex.murray@canonical.com> Thu, 05 Sep 2019 11:29:48 +0930 |
118 | + |
119 | +exim4 (4.92.1-1ubuntu1) eoan; urgency=medium |
120 | + |
121 | + * Merge with Debian unstable. Remaining changes: |
122 | + - Show Ubuntu distribution in SMTP banner |
123 | + + Build-Depends on lsb-release to detect Distribution. |
124 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
125 | + * Dropped: |
126 | + - d/p/CVE-2019-13917.patch: avoid re-expansion in ${sort } in |
127 | + src/expand.c. |
128 | + [Fixed in 4.92.1] |
129 | + |
130 | + -- Bryce Harrington <bryce@canonical.com> Mon, 12 Aug 2019 19:18:33 -0700 |
131 | + |
132 | exim4 (4.92.1-1) unstable; urgency=low |
133 | |
134 | * New upstream bugfix release. (4.92.1 is 4.92 + the fix for CVE-2019-13917, |
135 | @@ -388,6 +479,24 @@ exim4 (4.92-8) unstable; urgency=low |
136 | |
137 | -- Andreas Metzler <ametzler@debian.org> Sat, 08 Jun 2019 17:37:43 +0200 |
138 | |
139 | +exim4 (4.92-7ubuntu2) eoan; urgency=medium |
140 | + |
141 | + * SECURITY UPDATE: code execution via ${sort } |
142 | + - debian/patches/CVE-2019-13917.patch: avoid re-expansion in ${sort } |
143 | + in src/expand.c. |
144 | + - CVE-2019-13917 |
145 | + |
146 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 25 Jul 2019 12:58:39 -0400 |
147 | + |
148 | +exim4 (4.92-7ubuntu1) eoan; urgency=medium |
149 | + |
150 | + * Merge with Debian unstable. Remaining changes: |
151 | + - Show Ubuntu distribution in SMTP banner |
152 | + + Build-Depends on lsb-release to detect Distribution. |
153 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
154 | + |
155 | + -- Bryce Harrington <bryce@canonical.com> Mon, 13 May 2019 13:48:18 -0700 |
156 | + |
157 | exim4 (4.92-7) unstable; urgency=medium |
158 | |
159 | * Upload to unstable. |
160 | @@ -415,6 +524,15 @@ exim4 (4.92-5) unstable; urgency=medium |
161 | |
162 | -- Andreas Metzler <ametzler@debian.org> Sun, 07 Apr 2019 13:39:31 +0200 |
163 | |
164 | +exim4 (4.92-4ubuntu1) disco; urgency=medium |
165 | + |
166 | + * Merge with Debian unstable (LP: #1821339). Remaining changes: |
167 | + * Show Ubuntu distribution in SMTP banner |
168 | + - Build-Depends on lsb-release to detect Distribution. |
169 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
170 | + |
171 | + -- Karl Stenerud <karl.stenerud@canonical.com> Mon, 25 Mar 2019 12:02:33 +0100 |
172 | + |
173 | exim4 (4.92-4) unstable; urgency=medium |
174 | |
175 | * Another patch from exim-4.92+fixes branch: |
176 | @@ -433,6 +551,15 @@ exim4 (4.92-3) unstable; urgency=medium |
177 | |
178 | -- Andreas Metzler <ametzler@debian.org> Wed, 20 Mar 2019 17:01:29 +0100 |
179 | |
180 | +exim4 (4.92-2ubuntu1) disco; urgency=medium |
181 | + |
182 | + * Merge with Debian unstable (LP: #1818444). Remaining changes: |
183 | + - Show Ubuntu distribution in SMTP banner |
184 | + + Build-Depends on lsb-release to detect Distribution. |
185 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
186 | + |
187 | + -- Karl Stenerud <kstenerud@gmail.com> Tue, 05 Mar 2019 10:55:48 +0100 |
188 | + |
189 | exim4 (4.92-2) unstable; urgency=medium |
190 | |
191 | * Upload to unstable. |
192 | @@ -489,6 +616,21 @@ exim4 (4.92~RC4-3) unstable; urgency=medium |
193 | |
194 | -- Andreas Metzler <ametzler@debian.org> Sun, 20 Jan 2019 17:52:39 +0100 |
195 | |
196 | +exim4 (4.92~RC4-2ubuntu2) disco; urgency=medium |
197 | + |
198 | + * No-change rebuild against libmysqlclient21 |
199 | + |
200 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 01 Feb 2019 16:57:54 +0000 |
201 | + |
202 | +exim4 (4.92~RC4-2ubuntu1) disco; urgency=medium |
203 | + |
204 | + * Merge with Debian unstable (LP: #1811095). Remaining changes: |
205 | + - Show Ubuntu distribution in SMTP banner |
206 | + + Build-Depends on lsb-release to detect Distribution. |
207 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
208 | + |
209 | + -- Karl Stenerud <kstenerud@gmail.com> Thu, 10 Jan 2019 16:41:45 +0100 |
210 | + |
211 | exim4 (4.92~RC4-2) unstable; urgency=medium |
212 | |
213 | * Upload to unstable. |
214 | @@ -582,6 +724,22 @@ exim4 (4.91-7) unstable; urgency=low |
215 | |
216 | -- Andreas Metzler <ametzler@debian.org> Sun, 26 Aug 2018 11:33:15 +0200 |
217 | |
218 | +exim4 (4.91-6ubuntu2) disco; urgency=medium |
219 | + |
220 | + * No-change rebuild for the perl 5.28 transition. |
221 | + |
222 | + -- Adam Conrad <adconrad@ubuntu.com> Fri, 02 Nov 2018 18:08:13 -0600 |
223 | + |
224 | +exim4 (4.91-6ubuntu1) cosmic; urgency=medium |
225 | + |
226 | + * Merge with Debian unstable. Remaining changes: |
227 | + - Show Ubuntu distribution in SMTP banner |
228 | + + Build-Depends on lsb-release to detect Distribution. |
229 | + + d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
230 | + [DEP3 header updated to indicate it has been forwarded to Debian] |
231 | + |
232 | + -- Andreas Hasenack <andreas@canonical.com> Mon, 30 Jul 2018 15:35:06 -0300 |
233 | + |
234 | exim4 (4.91-6) unstable; urgency=low |
235 | |
236 | * Update from exim-4_91+fixes branch: |
237 | @@ -593,6 +751,16 @@ exim4 (4.91-6) unstable; urgency=low |
238 | |
239 | -- Andreas Metzler <ametzler@debian.org> Fri, 20 Jul 2018 11:21:24 +0200 |
240 | |
241 | +exim4 (4.91-5ubuntu1) cosmic; urgency=medium |
242 | + |
243 | + * Merge with Debian unstable. Remaining changes: |
244 | + - Show Ubuntu distribution in SMTP banner |
245 | + - Build-Depends on lsb-release to detect Distribution. |
246 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
247 | + [DEP3 header updated to indicate it has been forwarded to Debian] |
248 | + |
249 | + -- Andreas Hasenack <andreas@canonical.com> Tue, 03 Jul 2018 11:13:08 -0300 |
250 | + |
251 | exim4 (4.91-5) unstable; urgency=medium |
252 | |
253 | * Update from exim-4_91+fixes branch: |
254 | @@ -602,6 +770,15 @@ exim4 (4.91-5) unstable; urgency=medium |
255 | |
256 | -- Andreas Metzler <ametzler@debian.org> Sat, 09 Jun 2018 18:10:39 +0200 |
257 | |
258 | +exim4 (4.91-4ubuntu1) cosmic; urgency=medium |
259 | + |
260 | + * Merge from Debian testing, Remaining changes: |
261 | + - Show Ubuntu distribution in SMTP banner |
262 | + - Build-Depends on lsb-release to detect Distribution. |
263 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
264 | + |
265 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 30 May 2018 12:46:14 +0200 |
266 | + |
267 | exim4 (4.91-4) unstable; urgency=medium |
268 | |
269 | * Update from exim-4_91+fixes branch: |
270 | @@ -720,6 +897,15 @@ exim4 (4.90.1-2) unstable; urgency=medium |
271 | |
272 | -- Andreas Metzler <ametzler@debian.org> Sat, 10 Mar 2018 14:25:51 +0100 |
273 | |
274 | +exim4 (4.90.1-1ubuntu1) bionic; urgency=medium |
275 | + |
276 | + * Merge from Debian testing, Remaining changes: |
277 | + - Show Ubuntu distribution in SMTP banner |
278 | + - Build-Depends on lsb-release to detect Distribution. |
279 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
280 | + |
281 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 14 Feb 2018 17:01:14 +0100 |
282 | + |
283 | exim4 (4.90.1-1) unstable; urgency=high |
284 | |
285 | * New upstream version, fixing CVE-2018-6789. Closes: #890000 |
286 | @@ -914,6 +1100,15 @@ exim4 (4.89-10) unstable; urgency=critical |
287 | |
288 | -- Andreas Metzler <ametzler@debian.org> Sat, 25 Nov 2017 11:43:24 +0100 |
289 | |
290 | +exim4 (4.89-9ubuntu1) bionic; urgency=medium |
291 | + |
292 | + * Merge from Debian unstable, Remaining changes: |
293 | + - Show Ubuntu distribution in SMTP banner |
294 | + - Build-Depends on lsb-release to detect Distribution. |
295 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
296 | + |
297 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 16 Nov 2017 10:02:23 +0100 |
298 | + |
299 | exim4 (4.89-9) unstable; urgency=medium |
300 | |
301 | * Upload to unstable. |
302 | @@ -956,6 +1151,42 @@ exim4 (4.89-6) unstable; urgency=medium |
303 | |
304 | -- Andreas Metzler <ametzler@debian.org> Sat, 09 Sep 2017 15:29:39 +0200 |
305 | |
306 | +exim4 (4.89-5ubuntu1.3) artful-security; urgency=medium |
307 | + |
308 | + * SECURITY UPDATE: Buffer overflow in base64d() |
309 | + - debian/patches/CVE-2018-6789.patch: fix overflow in src/base64.c. |
310 | + - CVE-2018-6789 |
311 | + |
312 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Sat, 10 Feb 2018 14:12:27 -0500 |
313 | + |
314 | +exim4 (4.89-5ubuntu1.2) artful-security; urgency=medium |
315 | + |
316 | + * SECURITY UPDATE: stack-exhaustion remote DoS |
317 | + - debian/patches/CVE-2017-16944.patch: do not treat the first lonely |
318 | + dot special in src/receive.c, src/smtp_in.c. |
319 | + - CVE-2017-16944 |
320 | + |
321 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 29 Nov 2017 08:59:31 -0500 |
322 | + |
323 | +exim4 (4.89-5ubuntu1.1) artful-security; urgency=medium |
324 | + |
325 | + * SECURITY UPDATE: remote code execution via use-after-free |
326 | + - debian/patches/CVE-2017-16943.patch: avoid release of store if there |
327 | + have been later allocations in src/receive.c. |
328 | + - CVE-2017-16943 |
329 | + |
330 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 27 Nov 2017 07:37:47 -0500 |
331 | + |
332 | +exim4 (4.89-5ubuntu1) artful; urgency=medium |
333 | + |
334 | + * Merge from Debian testing. |
335 | + Remaining changes: |
336 | + - Show Ubuntu distribution in SMTP banner |
337 | + - Build-Depends on lsb-release to detect Distribution. |
338 | + - d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner. |
339 | + |
340 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 16 Aug 2017 15:42:47 +0200 |
341 | + |
342 | exim4 (4.89-5) unstable; urgency=medium |
343 | |
344 | * Update to exim-4_89+fixes branch: |
345 | @@ -1000,6 +1231,20 @@ exim4 (4.89-4) unstable; urgency=low |
346 | |
347 | -- Andreas Metzler <ametzler@debian.org> Sat, 15 Jul 2017 12:46:16 +0200 |
348 | |
349 | +exim4 (4.89-3ubuntu2) artful; urgency=medium |
350 | + |
351 | + * No-change rebuild for perl 5.26.0. |
352 | + |
353 | + -- Matthias Klose <doko@ubuntu.com> Wed, 26 Jul 2017 20:02:24 +0000 |
354 | + |
355 | +exim4 (4.89-3ubuntu1) artful; urgency=medium |
356 | + |
357 | + * Merge from Debian. Remaining changes: |
358 | + - Show Ubuntu distribution in SMTP banner. |
359 | + - Build-Depends on lsb-release (needed for the Ubuntu SMTP banner patch) |
360 | + |
361 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 27 Jun 2017 10:20:42 -0400 |
362 | + |
363 | exim4 (4.89-3) unstable; urgency=high |
364 | |
365 | * Re-upload to unstable. |
366 | @@ -1012,6 +1257,15 @@ exim4 (4.89-2+deb9u1) stretch-security; urgency=medium |
367 | |
368 | -- <jmm@debian.org> Wed, 14 Jun 2017 07:03:07 +0200 |
369 | |
370 | +exim4 (4.89-2ubuntu1) artful; urgency=medium |
371 | + |
372 | + * Merge from Debian testing. |
373 | + Remaining changes: |
374 | + + Show Ubuntu distribution in SMTP banner. |
375 | + + Build-Depends on lsb-release (needed for the Ubuntu SMTP banner patch) |
376 | + |
377 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 01 Jun 2017 11:58:00 +0200 |
378 | + |
379 | exim4 (4.89-2) unstable; urgency=medium |
380 | |
381 | * Revert addition of header "# pidfile: /var/run/exim4/exim.pid" to |
382 | @@ -1103,6 +1357,17 @@ exim4 (4.89~RC1-1) unstable; urgency=low |
383 | |
384 | -- Andreas Metzler <ametzler@debian.org> Tue, 31 Jan 2017 19:52:50 +0100 |
385 | |
386 | +exim4 (4.88-5ubuntu1) zesty; urgency=medium |
387 | + |
388 | + * Merge from Debian unstable. |
389 | + Version 4.88 fixes CVE-2016-9963 (LP: #1654750) and symlink |
390 | + local root escalation (LP: #1580454) |
391 | + Remaining changes: |
392 | + + Show Ubuntu distribution in SMTP banner. |
393 | + + Build-Depends on lsb-release (needed for the Ubuntu SMTP banner patch) |
394 | + |
395 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 24 Jan 2017 10:15:09 +0100 |
396 | + |
397 | exim4 (4.88-5) unstable; urgency=medium |
398 | |
399 | * 78_Disable-chunking-BDAT-by-default.patch: Change default value of main |
400 | @@ -1255,6 +1520,20 @@ exim4 (4.88~RC1-1) experimental; urgency=low |
401 | |
402 | -- Andreas Metzler <ametzler@debian.org> Sun, 25 Sep 2016 15:44:00 +0200 |
403 | |
404 | +exim4 (4.87-3ubuntu2) zesty; urgency=medium |
405 | + |
406 | + * No-change rebuild for perl 5.24 transition |
407 | + |
408 | + -- Iain Lane <iain@orangesquash.org.uk> Mon, 24 Oct 2016 10:08:10 +0100 |
409 | + |
410 | +exim4 (4.87-3ubuntu1) yakkety; urgency=medium |
411 | + |
412 | + * Merge from Debian unstable. Remaining changes: |
413 | + + Show Ubuntu distribution in SMTP banner. |
414 | + + Build-Depends on lsb-release (needed for the Ubuntu SMTP banner patch) |
415 | + |
416 | + -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 26 Jul 2016 13:30:09 +0200 |
417 | + |
418 | exim4 (4.87-3) unstable; urgency=medium |
419 | |
420 | * Pull multiple patches from upstream GIT: |
421 | @@ -1428,6 +1707,48 @@ exim4 (4.87~RC1-1) experimental; urgency=medium |
422 | |
423 | -- Andreas Metzler <ametzler@debian.org> Fri, 11 Dec 2015 20:15:30 +0100 |
424 | |
425 | +exim4 (4.86.2-2ubuntu2.3) xenial-security; urgency=medium |
426 | + |
427 | + * SECURITY UPDATE: Buffer overflow in base64d() |
428 | + - debian/patches/CVE-2018-6789.patch: fix overflow in |
429 | + src/auths/b64decode.c. |
430 | + - CVE-2018-6789 |
431 | + |
432 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Sat, 10 Feb 2018 14:18:40 -0500 |
433 | + |
434 | +exim4 (4.86.2-2ubuntu2.2) xenial-security; urgency=medium |
435 | + |
436 | + * SECURITY UPDATE: memory leak |
437 | + - debian/patches/93_CVE-2017-1000368.patch: free -p argument if |
438 | + allocation was required. |
439 | + - CVE-2017-1000368 |
440 | + |
441 | + -- Steve Beattie <sbeattie@ubuntu.com> Fri, 02 Jun 2017 22:07:28 -0700 |
442 | + |
443 | +exim4 (4.86.2-2ubuntu2.1) xenial-security; urgency=medium |
444 | + |
445 | + * SECURITY UPDATE: DKIM information leakage |
446 | + - debian/patches/CVE-2016-9963.patch: fix information leakage in |
447 | + src/dkim.c, src/transports/smtp.c. |
448 | + - CVE-2016-9963 |
449 | + |
450 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 05 Jan 2017 08:29:10 -0500 |
451 | + |
452 | +exim4 (4.86.2-2ubuntu2) xenial; urgency=medium |
453 | + |
454 | + * Rebuild against libmysqlclient20. |
455 | + |
456 | + -- Robie Basak <robie.basak@ubuntu.com> Tue, 05 Apr 2016 12:21:41 +0000 |
457 | + |
458 | +exim4 (4.86.2-2ubuntu1) xenial; urgency=medium |
459 | + |
460 | + * Merge from Debian unstable. Remaining changes: |
461 | + - debian.control, debian/patches/fix_smtp_banner.patch |
462 | + + Show Ubuntu distribution in SMTP banner. |
463 | + + Build-Depends on lsb-release. |
464 | + |
465 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 15 Mar 2016 11:56:18 -0400 |
466 | + |
467 | exim4 (4.86.2-2) unstable; urgency=high |
468 | |
469 | * Bump exim4-config Breaks to exim4-daemon-* (<< 4.86.2). Closes: #816790 |
470 | @@ -1449,6 +1770,27 @@ exim4 (4.86.2-1) unstable; urgency=high |
471 | |
472 | -- Andreas Metzler <ametzler@debian.org> Tue, 01 Mar 2016 19:34:39 +0100 |
473 | |
474 | +exim4 (4.86-7ubuntu3) xenial; urgency=medium |
475 | + |
476 | + * No-change rebuild for gnutls transition. |
477 | + |
478 | + -- Matthias Klose <doko@ubuntu.com> Wed, 17 Feb 2016 22:40:56 +0000 |
479 | + |
480 | +exim4 (4.86-7ubuntu2) xenial; urgency=medium |
481 | + |
482 | + * Rebuild for Perl 5.22.1. |
483 | + |
484 | + -- Colin Watson <cjwatson@ubuntu.com> Fri, 18 Dec 2015 10:30:54 +0000 |
485 | + |
486 | +exim4 (4.86-7ubuntu1) xenial; urgency=medium |
487 | + |
488 | + * Merge from Debian unstable. Remaining changes: |
489 | + - debian.control, debian/patches/fix_smtp_banner.patch |
490 | + + Show Ubuntu distribution in SMTP banner. |
491 | + + Build-Depends on lsb-release. |
492 | + |
493 | + -- Pierre-André MOREY <pierre-andre.morey@canonical.com> Mon, 14 Dec 2015 14:23:51 +0100 |
494 | + |
495 | exim4 (4.86-7) unstable; urgency=medium |
496 | |
497 | * Allow arch-indep build (dpkg-buildpackage -A). Closes: #806023 |
498 | @@ -1499,6 +1841,15 @@ exim4 (4.86-4) unstable; urgency=medium |
499 | |
500 | -- Andreas Metzler <ametzler@debian.org> Sat, 17 Oct 2015 15:01:01 +0200 |
501 | |
502 | +exim4 (4.86-3ubuntu1) wily; urgency=medium |
503 | + |
504 | + * Merge from Debian unstable. (LP: #1485369) Remaining changes: |
505 | + - debian/control, debian/patches/fix_smtp_banner.patch: |
506 | + + Show Ubuntu distribution in SMTP banner. |
507 | + + Build-Depends on lsb-release. |
508 | + |
509 | + -- Artur Rona <ari-tczew@ubuntu.com> Thu, 17 Sep 2015 13:18:20 +0100 |
510 | + |
511 | exim4 (4.86-3) unstable; urgency=medium |
512 | |
513 | * Pull three patches from upstream git: |
514 | @@ -1539,6 +1890,15 @@ exim4 (4.86~RC5-1) unstable; urgency=medium |
515 | |
516 | -- Andreas Metzler <ametzler@debian.org> Sat, 18 Jul 2015 11:46:11 +0200 |
517 | |
518 | +exim4 (4.86~RC4-2ubuntu1) wily; urgency=low |
519 | + |
520 | + * Merge from Debian unstable. (LP: #1166671) Remaining changes: |
521 | + - debian/control, debian/patches/fix_smtp_banner.patch: |
522 | + + Show Ubuntu distribution in SMTP banner. |
523 | + + Build-Depends on lsb-release. |
524 | + |
525 | + -- Artur Rona <ari-tczew@ubuntu.com> Mon, 06 Jul 2015 12:09:36 +0200 |
526 | + |
527 | exim4 (4.86~RC4-2) unstable; urgency=medium |
528 | |
529 | * Drop libmysqlclient15-dev alternative build-dependency. Closes: #790463 |
530 | @@ -1703,6 +2063,18 @@ exim4 (4.85~RC1+dfsg-1) experimental; urgency=medium |
531 | |
532 | -- Andreas Metzler <ametzler@debian.org> Tue, 18 Nov 2014 19:28:20 +0100 |
533 | |
534 | +exim4 (4.84-8ubuntu1) vivid; urgency=low |
535 | + |
536 | + * Merge from Debian unstable. (LP: #1434300) Remaining changes: |
537 | + - debian/control, debian/patches/fix_smtp_banner.patch: |
538 | + + Show Ubuntu distribution in SMTP banner. |
539 | + + Build-Depends on lsb-release. |
540 | + - debian/control: |
541 | + + Don't provide default-mta; in Ubuntu, |
542 | + we want postfix to be the default. |
543 | + |
544 | + -- Artur Rona <ari-tczew@ubuntu.com> Thu, 19 Mar 2015 00:15:40 +0100 |
545 | + |
546 | exim4 (4.84-8) unstable; urgency=medium |
547 | |
548 | * Pull 83_Remove-limit-on-remove_headers-item-size.-Bug-1533.patch and |
549 | @@ -1720,6 +2092,15 @@ exim4 (4.84-7) unstable; urgency=medium |
550 | |
551 | -- Andreas Metzler <ametzler@debian.org> Sat, 07 Feb 2015 15:12:33 +0100 |
552 | |
553 | +exim4 (4.84-6ubuntu1) vivid; urgency=medium |
554 | + |
555 | + * Resynchronise with Debian. Remaining changes: |
556 | + - Show Ubuntu distribution in SMTP banner. |
557 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
558 | + default. |
559 | + |
560 | + -- Colin Watson <cjwatson@ubuntu.com> Wed, 14 Jan 2015 11:26:29 +0000 |
561 | + |
562 | exim4 (4.84-6) unstable; urgency=medium |
563 | |
564 | * Revert init script's restart order change in 4.84-4 for the time being. |
565 | @@ -1728,6 +2109,15 @@ exim4 (4.84-6) unstable; urgency=medium |
566 | |
567 | -- Andreas Metzler <ametzler@debian.org> Sun, 21 Dec 2014 14:07:12 +0100 |
568 | |
569 | +exim4 (4.84-5ubuntu1) vivid; urgency=medium |
570 | + |
571 | + * Resynchronise with Debian. Remaining changes: |
572 | + - Show Ubuntu distribution in SMTP banner. |
573 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
574 | + default. |
575 | + |
576 | + -- Colin Watson <cjwatson@ubuntu.com> Thu, 18 Dec 2014 15:26:17 +0000 |
577 | + |
578 | exim4 (4.84-5) unstable; urgency=medium |
579 | |
580 | * 82_quoted-or-r-2047-encoded.diff pulled from upstream git (sans |
581 | @@ -1735,6 +2125,15 @@ exim4 (4.84-5) unstable; urgency=medium |
582 | |
583 | -- Andreas Metzler <ametzler@debian.org> Wed, 17 Dec 2014 19:03:39 +0100 |
584 | |
585 | +exim4 (4.84-4ubuntu1) vivid; urgency=medium |
586 | + |
587 | + * Resynchronise with Debian. Remaining changes: |
588 | + - Show Ubuntu distribution in SMTP banner. |
589 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
590 | + default. |
591 | + |
592 | + -- Colin Watson <cjwatson@ubuntu.com> Tue, 02 Dec 2014 15:28:46 +0000 |
593 | + |
594 | exim4 (4.84-4) unstable; urgency=medium |
595 | |
596 | * Unset message_prefix/message_sufix in maildrop_pipe transport. Maildrop |
597 | @@ -1749,6 +2148,15 @@ exim4 (4.84-4) unstable; urgency=medium |
598 | |
599 | -- Andreas Metzler <ametzler@debian.org> Sun, 30 Nov 2014 08:24:04 +0100 |
600 | |
601 | +exim4 (4.84-3ubuntu1) vivid; urgency=medium |
602 | + |
603 | + * Resynchronise with Debian. Remaining changes: |
604 | + - Show Ubuntu distribution in SMTP banner. |
605 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
606 | + default. |
607 | + |
608 | + -- Colin Watson <cjwatson@ubuntu.com> Tue, 11 Nov 2014 13:43:35 +0000 |
609 | + |
610 | exim4 (4.84-3) unstable; urgency=medium |
611 | |
612 | * Apply patch to Italian (it) debconf template translation, thanks to |
613 | @@ -1778,6 +2186,24 @@ exim4 (4.84~RC2-1) unstable; urgency=medium |
614 | |
615 | -- Andreas Metzler <ametzler@debian.org> Sat, 09 Aug 2014 07:42:00 +0200 |
616 | |
617 | +exim4 (4.84~RC1-3ubuntu2) utopic; urgency=medium |
618 | + |
619 | + * Rebuild for Perl 5.20.0. |
620 | + |
621 | + -- Colin Watson <cjwatson@ubuntu.com> Thu, 21 Aug 2014 12:18:13 +0100 |
622 | + |
623 | +exim4 (4.84~RC1-3ubuntu1) utopic; urgency=low |
624 | + |
625 | + * Merge from Debian unstable (LP: #1351470). Remaining changes: |
626 | + - Show Ubuntu distribution on smtp: |
627 | + + debian/patches/fix_smtp_banner.patch: updated SMTP banner |
628 | + with Ubuntu distribution |
629 | + + debian/control: added lsb-release build dependency |
630 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
631 | + default. |
632 | + |
633 | + -- Corey Bryant <corey.bryant@canonical.com> Mon, 04 Aug 2014 11:48:39 -0400 |
634 | + |
635 | exim4 (4.84~RC1-3) unstable; urgency=medium |
636 | |
637 | * Third try. Simply comment *custom* in debian/control. |
638 | @@ -1846,6 +2272,18 @@ exim4 (4.83~RC1-1) experimental; urgency=medium |
639 | |
640 | -- Andreas Metzler <ametzler@debian.org> Thu, 29 May 2014 13:09:04 +0200 |
641 | |
642 | +exim4 (4.82.1-2ubuntu1) utopic; urgency=low |
643 | + |
644 | + * Merge from Debian unstable (LP: #1348074). Remaining changes: |
645 | + - Show Ubuntu distribution on smtp: |
646 | + + debian/patches/fix_smtp_banner.patch: updated SMTP banner |
647 | + with Ubuntu distribution |
648 | + + debian/control: added lsb-release build dependency |
649 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
650 | + default. |
651 | + |
652 | + -- Robie Basak <robie.basak@ubuntu.com> Fri, 25 Jul 2014 15:53:09 +0000 |
653 | + |
654 | exim4 (4.82.1-2) unstable; urgency=high |
655 | |
656 | * [87_double_expansion.diff] from upstream. Stop unwanted double expansion |
657 | @@ -1863,6 +2301,18 @@ exim4 (4.82.1-1) unstable; urgency=high |
658 | |
659 | -- Andreas Metzler <ametzler@debian.org> Wed, 28 May 2014 19:01:43 +0200 |
660 | |
661 | +exim4 (4.82-8ubuntu1) utopic; urgency=medium |
662 | + |
663 | + * Merge from Debian unstable. Remaining changes: |
664 | + - Show Ubuntu distribution on smtp: |
665 | + + debian/patches/fix_smtp_banner.patch: updated SMTP banner |
666 | + with Ubuntu distribution |
667 | + + debian/control: added lsb-release build dependency |
668 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
669 | + default. |
670 | + |
671 | + -- Dimitri John Ledkov <xnox@ubuntu.com> Sat, 17 May 2014 01:50:20 +0100 |
672 | + |
673 | exim4 (4.82-8) unstable; urgency=medium |
674 | |
675 | * Now that GMP has been relicensed to LGPLv3+/GPLv2+ build exim against |
676 | @@ -1926,6 +2376,78 @@ exim4 (4.82-4) unstable; urgency=medium |
677 | |
678 | -- Andreas Metzler <ametzler@debian.org> Sun, 09 Feb 2014 19:41:34 +0100 |
679 | |
680 | +exim4 (4.82-3ubuntu2.4) trusty-security; urgency=medium |
681 | + |
682 | + * SECURITY UPDATE: Buffer overflow in base64d() |
683 | + - debian/patches/CVE-2018-6789.patch: fix overflow in |
684 | + src/auths/b64decode.c. |
685 | + - CVE-2018-6789 |
686 | + |
687 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Sat, 10 Feb 2018 14:19:43 -0500 |
688 | + |
689 | +exim4 (4.82-3ubuntu2.3) trusty-security; urgency=medium |
690 | + |
691 | + * SECURITY UPDATE: memory leak |
692 | + - debian/patches/CVE-2017-1000368.patch: free -p argument if |
693 | + allocation was required. |
694 | + - CVE-2017-1000368 |
695 | + |
696 | + -- Steve Beattie <sbeattie@ubuntu.com> Fri, 02 Jun 2017 22:44:35 -0700 |
697 | + |
698 | +exim4 (4.82-3ubuntu2.2) trusty-security; urgency=medium |
699 | + |
700 | + * SECURITY UPDATE: DKIM information leakage |
701 | + - debian/patches/CVE-2016-9963.patch: fix information leakage in |
702 | + src/dkim.c, src/transports/smtp.c. |
703 | + - CVE-2016-9963 |
704 | + |
705 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 05 Jan 2017 08:31:06 -0500 |
706 | + |
707 | +exim4 (4.82-3ubuntu2.1) trusty-security; urgency=medium |
708 | + |
709 | + * SECURITY UPDATE: privilege escalation via crafted lookup value |
710 | + - debian/patches/CVE-2014-2972.patch: only expand integers for integer |
711 | + math once. |
712 | + - CVE-2014-2972 |
713 | + * SECURITY UPDATE: privilege escalation when used with perl_startup |
714 | + - debian/patches/CVE-2016-1531.patch: add new add_environment and |
715 | + keep_environment configuration options. |
716 | + - debian/patches/CVE-2016-1531-2.patch: don't issue env warning if env |
717 | + is empty. |
718 | + - debian/patches/CVE-2016-1531-3.patch: store the initial working |
719 | + directory, expand $initial_cwd. |
720 | + - debian/patches/CVE-2016-1531-4.patch: delay chdir(/) until we opened |
721 | + the main config. |
722 | + - Add macros MAIN_KEEP_ENVIRONMENT and MAIN_ADD_ENVIRONMENT to set the |
723 | + new options. Set "keep_environment =" by default to avoid a runtime |
724 | + warning. |
725 | + - Bump exim4-config Breaks to exim4-daemon-* (<< 4.82-3ubuntu2.1). |
726 | + - debian/exim4-config.NEWS: Add entry to warn of potential breakage. |
727 | + - CVE-2016-1531 |
728 | + * WARNING: This update may break existing installations. |
729 | + |
730 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 14 Mar 2016 12:57:00 -0400 |
731 | + |
732 | +exim4 (4.82-3ubuntu2) trusty; urgency=medium |
733 | + |
734 | + * debian/tests/control: Add missing python test dependency, as |
735 | + debian/tests/security calls python. |
736 | + |
737 | + -- Martin Pitt <martin.pitt@ubuntu.com> Tue, 25 Feb 2014 17:33:13 +0100 |
738 | + |
739 | +exim4 (4.82-3ubuntu1) trusty; urgency=low |
740 | + |
741 | + * Merge from Debian unstable (LP: #1259620). Remaining changes: |
742 | + - Show Ubuntu distribution on smtp: |
743 | + + debian/patches/fix_smtp_banner.patch: updated SMTP banner |
744 | + with Ubuntu distribution |
745 | + + debian/control: added lsb-release build dependency |
746 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
747 | + default. |
748 | + - Build-depend on db5.3. |
749 | + |
750 | + -- Yolanda Robla <yolanda.robla@canonical.com> Tue, 10 Dec 2013 17:07:20 +0000 |
751 | + |
752 | exim4 (4.82-3) unstable; urgency=low |
753 | |
754 | * Upload to unstable. |
755 | @@ -2006,6 +2528,21 @@ exim4 (4.82~rc1-1) experimental; urgency=low |
756 | |
757 | -- Andreas Metzler <ametzler@debian.org> Sun, 29 Sep 2013 14:43:25 +0200 |
758 | |
759 | +exim4 (4.80-9ubuntu2) trusty; urgency=low |
760 | + |
761 | + * Build-depend on libdb5.3-dev, instead of libdb5.1-dev. |
762 | + |
763 | + -- Dmitrijs Ledkovs <xnox@ubuntu.com> Mon, 04 Nov 2013 12:14:54 +0000 |
764 | + |
765 | +exim4 (4.80-9ubuntu1) trusty; urgency=low |
766 | + |
767 | + * Resynchronise with Debian. Remaining changes: |
768 | + - Don't provide default-mta; in Ubuntu, we want postfix to be the |
769 | + default. |
770 | + - Add "Ubuntu" to SMTP banner. |
771 | + |
772 | + -- Colin Watson <cjwatson@ubuntu.com> Mon, 28 Oct 2013 11:55:21 -0700 |
773 | + |
774 | exim4 (4.80-9) unstable; urgency=low |
775 | |
776 | * Upload to unstable. |
777 | @@ -2052,6 +2589,34 @@ exim4 (4.80-8) experimental; urgency=low |
778 | |
779 | -- Andreas Metzler <ametzler@debian.org> Sun, 01 Sep 2013 15:58:49 +0200 |
780 | |
781 | +exim4 (4.80-7ubuntu4) trusty; urgency=low |
782 | + |
783 | + * Rebuild for Perl 5.18. |
784 | + |
785 | + -- Colin Watson <cjwatson@ubuntu.com> Wed, 23 Oct 2013 10:24:08 +0100 |
786 | + |
787 | +exim4 (4.80-7ubuntu3) saucy; urgency=low |
788 | + |
789 | + * debian/patches/fix_smtp_banner.patch: updated SMTP banner |
790 | + with Ubuntu distribution |
791 | + * debian/control: added lsb-release build dependency |
792 | + |
793 | + -- Yolanda Robla <yolanda.robla@canonical.com> Tue, 18 Jun 2013 19:17:43 +0200 |
794 | + |
795 | +exim4 (4.80-7ubuntu2) saucy; urgency=low |
796 | + |
797 | + * debian/tests: Add autopkgtest. |
798 | + |
799 | + -- Yolanda <yolanda.robla@canonical.com> Mon, 27 May 2013 11:31:35 +0200 |
800 | + |
801 | +exim4 (4.80-7ubuntu1) raring; urgency=low |
802 | + |
803 | + * Merge from Debian unstable (LP: #1166383). Remaining changes: |
804 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
805 | + we want postfix to be the default. |
806 | + |
807 | + -- Robie Basak <robie.basak@canonical.com> Mon, 08 Apr 2013 18:13:15 +0100 |
808 | + |
809 | exim4 (4.80-7) unstable; urgency=low |
810 | |
811 | * Use exim's ${quote:xxx} operator when invoking spfquery to disallow |
812 | @@ -2071,6 +2636,14 @@ exim4 (4.80-6) unstable; urgency=low |
813 | |
814 | -- Andreas Metzler <ametzler@debian.org> Wed, 21 Nov 2012 19:08:53 +0100 |
815 | |
816 | +exim4 (4.80-5.1ubuntu1) raring; urgency=low |
817 | + |
818 | + * Merge from Debian. Remaining changes: |
819 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
820 | + we want postfix to be the default. |
821 | + |
822 | + -- Oussama Bounaim <o.bounaim@gmail.com> Sun, 11 Nov 2012 07:11:06 +0100 |
823 | + |
824 | exim4 (4.80-5.1) unstable; urgency=high |
825 | |
826 | * Non-maintainer upload by the Security Team. |
827 | @@ -2098,6 +2671,23 @@ exim4 (4.80-4) unstable; urgency=low |
828 | |
829 | -- Andreas Metzler <ametzler@debian.org> Sat, 23 Jun 2012 18:35:03 +0200 |
830 | |
831 | +exim4 (4.80-3ubuntu1.1) quantal-security; urgency=low |
832 | + |
833 | + * SECURITY UPDATE: arbitrary code execution via dns decode logic |
834 | + - debian/patches/CVE-2012-5671.patch: adjust max length and validate |
835 | + against it in src/pdkim/pdkim.h, src/dkim.c. |
836 | + - CVE-2012-5671 |
837 | + |
838 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 25 Oct 2012 08:22:46 -0400 |
839 | + |
840 | +exim4 (4.80-3ubuntu1) quantal; urgency=low |
841 | + |
842 | + * Merge from Debian unstable. Remaining changes: |
843 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
844 | + we want postfix to be the default. |
845 | + |
846 | + -- Clint Byrum <clint@ubuntu.com> Thu, 14 Jun 2012 15:28:08 -0700 |
847 | + |
848 | exim4 (4.80-3) unstable; urgency=low |
849 | |
850 | * Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL |
851 | @@ -2245,6 +2835,26 @@ exim4 (4.76-4) experimental; urgency=low |
852 | |
853 | -- Andreas Metzler <ametzler@debian.org> Sat, 24 Sep 2011 18:36:08 +0200 |
854 | |
855 | +exim4 (4.76-3ubuntu3) precise; urgency=low |
856 | + |
857 | + * Rebuild for libmysqlclient transition |
858 | + |
859 | + -- Clint Byrum <clint@ubuntu.com> Wed, 23 Nov 2011 23:29:35 -0800 |
860 | + |
861 | +exim4 (4.76-3ubuntu2) precise; urgency=low |
862 | + |
863 | + * Rebuild for Perl 5.14. |
864 | + |
865 | + -- Colin Watson <cjwatson@ubuntu.com> Wed, 16 Nov 2011 01:22:39 +0000 |
866 | + |
867 | +exim4 (4.76-3ubuntu1) precise; urgency=low |
868 | + |
869 | + * Merge from debian unstable. Remaining changes: |
870 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
871 | + we want postfix to be the default. |
872 | + |
873 | + -- Stéphane Graber <stgraber@ubuntu.com> Thu, 20 Oct 2011 11:29:07 -0400 |
874 | + |
875 | exim4 (4.76-3) unstable; urgency=low |
876 | |
877 | * [exim4-base.cron.daily] Correct invocation of mail(1), options need to be |
878 | @@ -2265,6 +2875,14 @@ exim4 (4.76-3) unstable; urgency=low |
879 | |
880 | -- Andreas Metzler <ametzler@debian.org> Sun, 18 Sep 2011 11:49:13 +0200 |
881 | |
882 | +exim4 (4.76-2ubuntu1) oneiric; urgency=low |
883 | + |
884 | + * Merge from debian unstable. Remaining changes: |
885 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
886 | + we want postfix to be the default. |
887 | + |
888 | + -- Stéphane Graber <stgraber@ubuntu.com> Mon, 30 May 2011 17:48:56 -0400 |
889 | + |
890 | exim4 (4.76-2) unstable; urgency=low |
891 | |
892 | * debian/rules: Remove test/ and test-stamp on clean. |
893 | @@ -2277,6 +2895,14 @@ exim4 (4.76-2) unstable; urgency=low |
894 | |
895 | -- Andreas Metzler <ametzler@debian.org> Sun, 29 May 2011 18:21:03 +0200 |
896 | |
897 | +exim4 (4.76-1ubuntu1) oneiric; urgency=low |
898 | + |
899 | + * Merge from debian unstable. Remaining changes (LP: #779391): |
900 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
901 | + we want postfix to be the default. |
902 | + |
903 | + -- Stéphane Graber <stgraber@ubuntu.com> Mon, 23 May 2011 12:37:30 -0400 |
904 | + |
905 | exim4 (4.76-1) unstable; urgency=low |
906 | |
907 | * New upstream version. |
908 | @@ -2323,6 +2949,14 @@ exim4 (4.75-3) unstable; urgency=high |
909 | |
910 | -- Andreas Metzler <ametzler@debian.org> Fri, 06 May 2011 20:08:51 +0200 |
911 | |
912 | +exim4 (4.75-2ubuntu1) oneiric; urgency=low |
913 | + |
914 | + * Merge from debian unstable. Remaining changes: |
915 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
916 | + we want postfix to be the default. |
917 | + |
918 | + -- Stéphane Graber <stgraber@ubuntu.com> Fri, 06 May 2011 14:51:28 -0400 |
919 | + |
920 | exim4 (4.75-2) unstable; urgency=low |
921 | |
922 | * clamav socket on Debian is clamd:/var/run/clamav/clamd.ctl, fix |
923 | @@ -2365,6 +2999,24 @@ exim4 (4.74-2) unstable; urgency=low |
924 | |
925 | -- Andreas Metzler <ametzler@debian.org> Thu, 24 Feb 2011 19:02:07 +0100 |
926 | |
927 | +exim4 (4.74-1ubuntu1) natty; urgency=low |
928 | + |
929 | + * Merge from debian experimental. Remaining changes: (LP: #713855) |
930 | + - debian/patches/71_exiq_grep_error_on_messages_without_size.patch: |
931 | + + Improve handling of broken messages when "exim4 -bp" (mailq) |
932 | + reports lines without size info. (Closes: #528625) |
933 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
934 | + we want postfix to be the default. |
935 | + - debian/{control,rules}: Add and enable hardened build for PIE. |
936 | + (Closes: #542726) |
937 | + * Update 71_exiq_grep_error_on_messages_without_size.patch to get way |
938 | + which upstream has fixed it. Probably it can be dropped with next |
939 | + upstream release. |
940 | + * This upload fixes CVE: (LP: #708023) |
941 | + - CVE-2011-0017 |
942 | + |
943 | + -- Artur Rona <ari-tczew@ubuntu.com> Wed, 09 Feb 2011 21:31:35 +0100 |
944 | + |
945 | exim4 (4.74-1) experimental; urgency=low |
946 | |
947 | * 4.74 release, should build on hurd again. |
948 | @@ -2390,6 +3042,20 @@ exim4 (4.74~rc2-1) experimental; urgency=low |
949 | |
950 | -- Andreas Metzler <ametzler@debian.org> Sun, 23 Jan 2011 14:02:36 +0100 |
951 | |
952 | +exim4 (4.73~rc1-1ubuntu1) natty; urgency=low |
953 | + |
954 | + * Merge from debian unstable. Remaining changes: (LP: #697934) |
955 | + - debian/patches/71_exiq_grep_error_on_messages_without_size.patch: |
956 | + + Improve handling of broken messages when "exim4 -bp" (mailq) |
957 | + reports lines without size info. |
958 | + - debian/control: Don't declare a Provides: default-mta; in Ubuntu, |
959 | + we want postfix to be the default. |
960 | + - debian/{control,rules}: Add and enable hardened build for PIE. |
961 | + (Closes: #542726) |
962 | + * Drop B-D on libmysqlclient15-dev, resolved in Debian. |
963 | + |
964 | + -- Artur Rona <ari-tczew@ubuntu.com> Tue, 28 Dec 2010 22:20:17 +0100 |
965 | + |
966 | exim4 (4.73~rc1-1) experimental; urgency=low |
967 | |
968 | * New upstream release candidate. |
969 | @@ -2485,6 +3151,20 @@ exim4 (4.72-3) unstable; urgency=low |
970 | |
971 | -- Andreas Metzler <ametzler@debian.org> Sun, 26 Dec 2010 15:13:08 +0100 |
972 | |
973 | +exim4 (4.72-2ubuntu1) natty; urgency=low |
974 | + |
975 | + * Merge from debian unstable. Remaining changes: (LP: #671615) |
976 | + - debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch: |
977 | + Improve handling of broken messages when "exim4 -bp" (mailq) reports |
978 | + lines without size info. |
979 | + - Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be |
980 | + the default. |
981 | + - debian/control: Change build dependencies to MySQL 5.1. |
982 | + - debian/{control,rules}: add and enable hardened build for PIE |
983 | + (Closes: #542726). |
984 | + |
985 | + -- Artur Rona <ari-tczew@ubuntu.com> Fri, 05 Nov 2010 21:05:47 +0100 |
986 | + |
987 | exim4 (4.72-2) unstable; urgency=low |
988 | |
989 | [ Marc Haber ] |
990 | @@ -2508,6 +3188,20 @@ exim4 (4.72-2) unstable; urgency=low |
991 | |
992 | -- Andreas Metzler <ametzler@debian.org> Sat, 30 Oct 2010 13:38:26 +0200 |
993 | |
994 | +exim4 (4.72-1ubuntu1) maverick; urgency=low |
995 | + |
996 | + * Merge with Debian unstable (LP: #609620). Remaining changes: |
997 | + + debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch: |
998 | + Improve handling of broken messages when "exim4 -bp" (mailq) reports |
999 | + lines without size info. |
1000 | + + Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be |
1001 | + the default. |
1002 | + + debian/control: Change build dependencies to MySQL 5.1. |
1003 | + + debian/{control,rules}: add and enable hardened build for PIE |
1004 | + (Closes: #542726). |
1005 | + |
1006 | + -- Artur Rona <ari-tczew@tlen.pl> Sun, 25 Jul 2010 02:00:42 +0200 |
1007 | + |
1008 | exim4 (4.72-1) unstable; urgency=low |
1009 | |
1010 | * New upstream release. (Identical to the git snapshot previously |
1011 | @@ -2559,6 +3253,20 @@ exim4 (4.71-4) unstable; urgency=low |
1012 | |
1013 | -- Andreas Metzler <ametzler@debian.org> Thu, 25 Mar 2010 17:34:30 +0100 |
1014 | |
1015 | +exim4 (4.71-3ubuntu1) lucid; urgency=low |
1016 | + |
1017 | + * Merge with Debian unstable (lp: #501657). Remaining changes: |
1018 | + + debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch: |
1019 | + Improve handling of broken messages when "exim4 -bp" (mailq) reports |
1020 | + lines without size info. |
1021 | + + Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be |
1022 | + the default. |
1023 | + + debian/control: Change build dependencies to MySQL 5.1. |
1024 | + + debian/{control,rules}: add and enable hardened build for PIE |
1025 | + (Debian bug 542726). |
1026 | + |
1027 | + -- Michael Bienia <geser@ubuntu.com> Fri, 01 Jan 2010 16:28:19 +0100 |
1028 | + |
1029 | exim4 (4.71-3) unstable; urgency=low |
1030 | |
1031 | * exim4-base.cron.daily: Do not run exim_tidydb on Berkeley DB logfiles. |
1032 | @@ -2673,6 +3381,35 @@ exim4 (4.70~cvs+20091017-1) experimental; urgency=low |
1033 | |
1034 | -- Andreas Metzler <ametzler@debian.org> Sat, 17 Oct 2009 14:26:54 +0200 |
1035 | |
1036 | +exim4 (4.69-11ubuntu4) karmic; urgency=low |
1037 | + |
1038 | + * debian/{control,rules}: add and enable hardened build for PIE |
1039 | + (Debian bug 542726). |
1040 | + |
1041 | + -- Kees Cook <kees@ubuntu.com> Thu, 20 Aug 2009 17:33:26 -0700 |
1042 | + |
1043 | +exim4 (4.69-11ubuntu3) karmic; urgency=low |
1044 | + |
1045 | + * debian/control: Change build dependencies to MySQL 5.1. |
1046 | + |
1047 | + -- Mathias Gug <mathiaz@ubuntu.com> Mon, 17 Aug 2009 17:57:26 -0400 |
1048 | + |
1049 | +exim4 (4.69-11ubuntu2) karmic; urgency=low |
1050 | + |
1051 | + * Don't declare a Provides: default-mta; in Ubuntu, we want postfix to be |
1052 | + the default. |
1053 | + |
1054 | + -- Steve Langasek <steve.langasek@ubuntu.com> Wed, 03 Jun 2009 15:39:14 +0000 |
1055 | + |
1056 | +exim4 (4.69-11ubuntu1) karmic; urgency=low |
1057 | + |
1058 | + * Merge from debian unstable (LP: #375923), remaining changes: |
1059 | + - debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch: |
1060 | + Improve handling of broken messages when "exim4 -bp" (mailq) reports |
1061 | + lines without size info |
1062 | + |
1063 | + -- Thierry Carrez <thierry.carrez@ubuntu.com> Wed, 13 May 2009 12:15:29 +0200 |
1064 | + |
1065 | exim4 (4.69-11) unstable; urgency=medium |
1066 | |
1067 | * Build-Depend on lynx-cur|lynx instead of lynx. (lynx is just a dummy |
1068 | @@ -2730,6 +3467,15 @@ exim4 (4.69-10) unstable; urgency=low |
1069 | |
1070 | -- Andreas Metzler <ametzler@debian.org> Sat, 02 May 2009 09:05:56 +0200 |
1071 | |
1072 | +exim4 (4.69-9ubuntu1) jaunty; urgency=low |
1073 | + |
1074 | + [ Daniel van Eeden <launchpad@myname.nl> ] |
1075 | + * debian/patches/71_exiq_grep_error_on_messages_without_size.dpatch: |
1076 | + Improve handling of broken messages when "exim4 -bp" (mailq) reports lines |
1077 | + w/o size info, LP: #18194 |
1078 | + |
1079 | + -- Dustin Kirkland <kirkland@ubuntu.com> Wed, 11 Feb 2009 06:43:52 -0600 |
1080 | + |
1081 | exim4 (4.69-9) unstable; urgency=medium |
1082 | |
1083 | * [update-exim4.conf]: Use POSIX character classes [:alnum:] or explicit |
1084 | diff --git a/debian/control b/debian/control |
1085 | index 2613616..5cb9158 100644 |
1086 | --- a/debian/control |
1087 | +++ b/debian/control |
1088 | @@ -1,7 +1,8 @@ |
1089 | Source: exim4 |
1090 | Section: mail |
1091 | Priority: standard |
1092 | -Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org> |
1093 | +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
1094 | +XSBC-Original-Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org> |
1095 | Uploaders: |
1096 | Andreas Metzler <ametzler@debian.org>, |
1097 | Marc Haber <mh+debian-packages@zugschlus.de> |
1098 | @@ -34,7 +35,8 @@ Build-Depends: |
1099 | libxt-dev, |
1100 | lynx, |
1101 | po-debconf, |
1102 | - xsltproc |
1103 | + xsltproc, |
1104 | + lsb-release |
1105 | |
1106 | Package: exim4-base |
1107 | Architecture: any |
1108 | diff --git a/debian/patches/fix_smtp_banner.patch b/debian/patches/fix_smtp_banner.patch |
1109 | new file mode 100644 |
1110 | index 0000000..615eb5a |
1111 | --- /dev/null |
1112 | +++ b/debian/patches/fix_smtp_banner.patch |
1113 | @@ -0,0 +1,53 @@ |
1114 | +Description: Add EXIM_DISTRIBUTION var to display it on the SMTP banner |
1115 | +Origin: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates |
1116 | +Author: Yolanda Robla <yolanda.robla@canonical.com> |
1117 | +Forwarded: https://salsa.debian.org/exim-team/exim4/merge_requests/2 |
1118 | +Last-Update: 2018-07-03 |
1119 | + |
1120 | +--- a/src/globals.c |
1121 | ++++ b/src/globals.c |
1122 | +@@ -1443,7 +1443,7 @@ int smtp_accept_queue_per_connection = 10; |
1123 | + int smtp_accept_reserve = 0; |
1124 | + uschar *smtp_active_hostname = NULL; |
1125 | + uschar *smtp_banner = US"$smtp_active_hostname ESMTP " |
1126 | +- "Exim $version_number $tod_full" |
1127 | ++ "Exim $version_number " EXIM_DISTRIBUTION " $tod_full" |
1128 | + "\0<---------------Space to patch smtp_banner->"; |
1129 | + int smtp_ch_index = 0; |
1130 | + uschar *smtp_cmd_argument = NULL; |
1131 | +--- a/src/config.h.defaults |
1132 | ++++ b/src/config.h.defaults |
1133 | +@@ -224,4 +224,6 @@ for EXIM_ARITH_MAX and _MIN in OS/oh.h-FOO */ |
1134 | + #define SC_EXIM_ARITH "%" SCNi64 /* scanf incl. 0x prefix */ |
1135 | + #define SC_EXIM_DEC "%" SCNd64 /* scanf decimal */ |
1136 | + |
1137 | ++#define EXIM_DISTRIBUTION |
1138 | ++ |
1139 | + /* End of config.h.defaults */ |
1140 | +--- a/scripts/Configure-config.h |
1141 | ++++ b/scripts/Configure-config.h |
1142 | +@@ -23,6 +23,12 @@ |
1143 | + if [ "$1" != "" ] ; then MAKE=$1 ; fi |
1144 | + if [ "$MAKE" = "" ] ; then MAKE=make ; fi |
1145 | + |
1146 | ++# exporting distribution to use it in smtp banner |
1147 | ++if test -x /usr/bin/lsb_release && lsb_release -si; then |
1148 | ++ export EXIM_DISTRIBUTION=\"$(lsb_release -si)\" |
1149 | ++else |
1150 | ++ export EXIM_DISTRIBUTION=\"\" |
1151 | ++fi |
1152 | + $MAKE buildconfig || exit 1 |
1153 | + |
1154 | + # BEWARE: tab characters needed in the following sed command. They have had |
1155 | +--- a/src/exim.h |
1156 | ++++ b/src/exim.h |
1157 | +@@ -597,5 +597,9 @@ default to EDQUOT if it exists, otherwise ENOSPC. */ |
1158 | + # define EXIM_GROUPLIST_SIZE NGROUPS_MAX |
1159 | + #endif |
1160 | + |
1161 | ++#ifndef EXIM_DISTRIBUTION |
1162 | ++ #define EXIM_DISTRIBUTION "" |
1163 | ++#endif |
1164 | ++ |
1165 | + #endif |
1166 | + /* End of exim.h */ |
1167 | diff --git a/debian/patches/series b/debian/patches/series |
1168 | index 7f3d8c3..1f74805 100644 |
1169 | --- a/debian/patches/series |
1170 | +++ b/debian/patches/series |
1171 | @@ -38,3 +38,4 @@ |
1172 | 74_33-Fix-segfault-on-bad-cmdline-f-sender-argument.-Bug-2.patch |
1173 | 75_01-Build-Enable-GNU-Hurd-Bug-2476.patch |
1174 | 90_localscan_dlopen.dpatch |
1175 | +fix_smtp_banner.patch |
The merge is fine, our Delta is simple and retained correctly.
The merged version in Debian only has 4 backported fixes and one moved file.
All of them seem valid fixes to me and do not imply the need for an FFe.
Formalisms (changelog, update-maintainer, ..) are all good as well.
+1 form me for an upload before Focal release.