* Dropped:
- SECURITY UPDATE: remote command execution
+ debian/patches/CVE-2019-15846.patch: ensure not to interpret '\\'
before '\0' in src/string.c
+ CVE-2019-15846
[Fixed upstream in 4.92.2]
- Show Ubuntu distribution in SMTP banner
+ Build-Depends on lsb-release to detect Distribution.
+ d/p/fix_smtp_banner.patch: Show Ubuntu distribution in SMTP banner.
21033df...
by
Andreas Metzler <email address hidden>
Import patches-unapplied version 4.92.2-2 to debian/sid
New changelog entries:
* New upstream security release (identical except for the version number to
4.92.1 + 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch).
+ Drop 77_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch.
* Refresh from exim-4.92.2+fixes branch:
+ 75_32-Fix-domain-for-a-bare-local-part-input.-Bug-2375.patch
+ 75_33-exim_dbmbuild-handle-0-sequence.patch
+ 75_34-fixup-exim_dbmbuild-handle-0-sequence.patch
1f8b12d...
by
Andreas Metzler <email address hidden>
Import patches-unapplied version 4.92.1-3 to debian/sid
New changelog entries:
* Pulled from exim-4.92+fixes branch:
+ 75_30-Fix-crash-after-TLS-channel-shutdown.patch
+ 75_31-Auth-handle-socket-read-errors-in-Dovecot-authentica.patch
* Add Breaks: sa-exim (<< 4.2.1-17) to -heavy, see #930648.
* Change *.logrotate to nocreate to work around #400198.
Closes: #399930
fff62f6...
by
Andreas Metzler <email address hidden>
Import patches-unapplied version 4.92.1-1 to debian/sid
New changelog entries:
* New upstream bugfix release. (4.92.1 is 4.92 + the fix for CVE-2019-13917,
so there are no source changes to the previous upload.)
+ Drop 77_Avoid-re-expansion-in-sort-CVE-2019-13917-OVE-201907.patch.
+ Use patches from exim-4.92.1+fixes branch.
* In cron.daily use '/usr/sbin/exim4 -be '${primary_hostname}' instead of
hostname --fqdn to get local hostname (for information purposes).
Closes: #933231
* Run exim4-base daily job via systemd.timer to guarantee execution after
logrotate. Closes: #932328 (Thanks to Sven Hartge for bug-report and
patch)
* Add systemd-sysv as alternative for fulfilling the cron dependency.
* Use debhelper 12 compat.