The NetBSD Project

CVS log for pkgsrc/mail/exim-html/distinfo

Keyword substitution: kv
Default branch: MAIN


Revision 1.41
Fri Jul 12 07:04:45 2024 UTC (4 months, 4 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, HEAD
Changes since revision 1.40: +4 -4 lines
exim exim-html: updated to 4.98

4.98
This is a security release. It addresses the SMTP smuggling attack to which SMTP servers may be vulnerable.
Exim got CVE-2023-51766 assigned for this issue.

Revision 1.40
Thu Nov 16 08:55:38 2023 UTC (12 months, 3 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q2-base, pkgsrc-2024Q2, pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4
Changes since revision 1.39: +4 -4 lines
exim exim-html: updated to 4.97

Exim version 4.97
-----------------

JH/01 The hosts_connection_nolog main option now also controls "no MAIL in
      SMTP connection" log lines.

JH/02 Option default value updates:
        - queue_fast_ramp (main)        true (was false)
        - remote_max_parallel (main)    4 (was 2)

JH/03 Cache static regex pattern compilations, for use by ACLs.

JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
      Make the rewrite never match and keep the logging.  Trust the
      admin to be using verify=header-syntax (to actually reject the message).

JH/05 Follow symlinks for placing a watch on TLS creds files.  This means
      (under Linux) we watch the dir containing the final file; previously
      it would be the dir with the first symlink.  We still do not monitor
      the entire path.

JH/06 Check for bad chars in rDNS for sender_host_name.  The OpenBSD (at least)
      dn_expand() is happy to pass them through.

JH/07 OpenSSL Fix auto-reload of changed server OCSP proof.  Previously, if
      the file with the proof had an unchanged name, the new proof(s) were
      loaded on top of the old ones (and never used; the old ones were stapled).

JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
      more than one message arrived in a single connection a reference from
      the earlier message could be re-used.  Often a sigsegv resulted.
      These variables were introduced in Exim 4.87.
      Debug help from Graeme Fowler.

JH/09 Fix ${filter } for conditions that modify $value.  Previously the
      modified version would be used in constructing the result, and a memory
      error would occur.

JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
      Find and fix by Jasen Betts.

JH/11 OpenSSL: fix for ancient clients needing TLS support for versions earlier
      than TLSv1.2.  Previously, more-recent versions of OpenSSL were permitting
      the systemwide configuration to override the Exim config.

HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
      API changes in libopendmarc.

JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
      pid 1, in the normal "background daemon" mode, having to drop process-
      group leadership also lost track of needing to create listener sockets.

JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
      resulted in the variable appearing empty.  Find and fix by Ruben Jenster.

JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
      a capture group which obtained no text (eg. "(abc)*" matching zero
      occurrences) could cause a segfault if the corresponding $<n> was
      expanded.

JH/15 Fix argument parsing for ${run } expansion. Previously, when an argument
      included a close-brace character (eg. it itself used an expansion) an
      error occurred.

JH/16 Move running the smtp connect ACL to before, for TLS-on-connect ports,
      starting TLS.  Previously it was after, meaning that attackers on such
      ports had to be screened using the host_reject_connection main config
      option. The new sequence aligns better with the STARTTLS behaviour, and
      permits defences against crypto-processing load attacks, even though it
      is strictly an incompatible change.
      Also, avoid sending any SMTP fail response for either the connect ACL
      or host_reject_connection, for TLS-on-connect ports.

JH/17 Permit the ACL "encrypted" condition to be used in a HELO/EHLO ACL.
      Previously this was not permitted, but it makes reasonable sense.
      While there, restore a restriction on using it from a connect ACL; given
      the change JH/16 it could only return false (and before 4.91 was not
      permitted).

JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
      was exactly sized compared to the log buffer, a crash occurred with the
      misleading message "bad memory reference; pool not found".
      Found and traced by Jasen Betts.

JH/19 Bug 2911: Fix a recursion in DNS lookups.  Previously, if the main option
      dns_again_means_nonexist included an element causing a DNS lookup which
      itself returned DNS_AGAIN, unbounded recursion occurred.  Possible results
      included (though probably not limited to) a process crash from stack
      memory limit, or from excessive open files.  Replace this with a paniclog
      whine (as this is likely a configuration error), and returning
      DNS_NOMATCH.

JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
      this always failed, probably leading to the usual downgrade to in-clear
      connections.

JH/21 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
      SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
      to not checking that list for these lookups.

JH/22 Bug 2434: Add connection-elapsed "D=" element to more connection
      closure log lines.

JH/23 Fix crash in string expansions. Previously, if an empty variable was
      immediately followed by an expansion operator, a null-indirection read
      was done, killing the process.

JH/24 Bug 2997: When built with EXPERIMENTAL_DSN_INFO, bounce messages can
      include an SMTP response string which is longer than that supported
      by the delivering transport.  Alleviate by wrapping such lines before
      column 80.

JH/25 Bug 2827: Restrict size of References: header in bounce messages to 998
      chars (RFC limit).  Previously a limit of 12 items was made, which with
      a not-impossible References: in the message being bounced could still
      be over-large and get stopped in the transport.

JH/26 For a ${readsocket } in TLS mode, send a TLS Close Alert before the TCP
      close.  Previously a bare socket close was done.

JH/27 Fix ${srs_encode ..}.  Previously it would give a bad result for one day
      every 1024 days.

JH/28 Bug 2996: Fix a crash in the smtp transport.  When finding that the
      message being considered for delivery was already being handled by
      another process, and having an SMTP connection already open, the function
      to close it tried to use an uninitialized variable.  This would affect
      high-volume sites more, especially when running mailing-list-style loads.
      Pollution of logs was the major effect, as the other process delivered
      the message.  Found and partly investigated by Graeme Fowler.

JH/29 Change format of the internal ID used for message identification. The old
      version only supported 31 bits for a PID element; the new 64 (on systems
      which can use Base-62 encoding, which is all currently supported ones
      but not Darwin (MacOS) or Cygwin, which have case-insensitive filesystems
      and must use Base-36).  The new ID is 23 characters rather than 16, and is
      visible in various places - notably logs, message headers, and spool file
      names.  Various of the ancillary utilities also have to know the format.
        As well as the expanded PID portion, the sub-second part of the time
      recorded in the ID is expanded to support finer precision.  Theoretically
      this permits a receive rate from a single comms channel of better than the
      previous 2000/sec.
        The major timestamp part of the ID is not changed; at 6 characters it is
      usable until about year 3700.
        Updating from previous releases is fully supported: old-format spool
      files are still usable, and the utilities support both formats.  New
      messages will use the new format.  The one hints-DB file type which uses
      message-IDs (the transport wait- DB) will be discarded if an old-format ID
      is seen; new ones will be built with only new-format IDs.
      Optionally, a utility can be used to convert spool files from old to new,
      but this is only an efficiency measure, not a requirement for operation.
        Downgrading from new to old requires running a provided utility, having
      first stopped all operations.  This will convert any spool files from new
      back to old (losing time-precision and PID information) and remove any
      wait- hints databases.

JH/30 Bug 3006: Fix handling of JSON strings having embedded commas. Previously
      we treated them as item separators when parsing for a list item, but they
      need to be protected by the doublequotes.  While there, add handling for
      backslashes.

JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints.
      Found and fixed by Jasen Betts. No testcase for this as my usual text
      editor insists on emitting only valid UTF-8.

JH/32 Fix "tls_dhparam = none" under GnuTLS.  At least with 3.7.9 this gave
      a null-indirection SIGSEGV for the receive process.

JH/33 Fix free for live variable $value created by a ${run ...} expansion during
      -bh use.  Internal checking would spot this and take a panic.

JH/34 Bug 3013: Fix use of $recipients within arguments for ${run...}.
      In 4.96 this would expand to empty.

JH/35 Bug 3014: GnuTLS: fix expiry date for an auto-generated server
      certificate.  Find and fix by Andreas Metzler.

JH/36 Add ARC info to DMARC history records.

JH/37 Bug 3016: Avoid sending DSN when message was accepted under fakereject
      or fakedefer.  Previously the sender could discover that the message
      had in fact been accepted.

JH/38 Taint-track intermediate values from the peer in multi-stage authentication
      sequences.  Previously the input was not noted as being tainted; notably
      this resulted in behaviour of LOGIN vs. PLAIN being inconsistent under
      bad coding of authenticators.

JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings
      and ${tr...}.  Found and diagnosed by Heiko Schlichting.

JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which
      could be triggered by externally-supplied input.  Found by Trend Micro.
      CVE-2023-42115

JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42116

JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42114

JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
      Make the rewrite never match and keep the logging.  Trust the
      admin to be using verify=header-syntax (to actually reject the message).

JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses.
      CVE-2023-42219
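To make the JH/30 parsing problem concrete, here is an added illustration in Python (not Exim's own code): a naive comma split of a JSON array beside a splitter that keeps commas inside double-quoted strings, honours backslash escapes, and also ignores commas inside nested arrays and objects, which goes a little beyond the two cases the entry names. The sample array is constructed for the example.

```python
import json

# Constructed sample: item 0 holds a comma, item 1 an escaped quote followed by
# a comma, item 2 a nested object whose value contains a comma.
SAMPLE = '["a,b", "c\\"d,e", {"k": "x,y"}, 3]'


def naive_items(text: str) -> list[str]:
    """Pre-fix behaviour: every comma is an item separator, even inside strings."""
    inner = text.strip()[1:-1]          # drop the surrounding [ ]
    return [s.strip() for s in inner.split(",")]


def json_array_items(text: str) -> list[str]:
    """Split a JSON array into its top-level items, returned as raw JSON text.

    A comma is a separator only when we are outside a double-quoted string
    and at nesting depth zero.  Inside a string a backslash escapes the next
    character, so an escaped quote does not terminate the string.
    """
    text = text.strip()
    if not (text.startswith("[") and text.endswith("]")):
        raise ValueError("not a JSON array")
    items: list[str] = []
    buf: list[str] = []
    in_string = False
    escaped = False
    depth = 0
    for ch in text[1:-1]:
        if in_string:
            buf.append(ch)
            if escaped:
                escaped = False          # the escaped char is ordinary text
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
            continue
        if ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
        elif ch in "]}":
            depth -= 1
        elif ch == "," and depth == 0:
            items.append("".join(buf).strip())
            buf = []
            continue
        buf.append(ch)
    if in_string or depth != 0:
        raise ValueError("unterminated string or unbalanced bracket")
    tail = "".join(buf).strip()
    if tail or items:
        items.append(tail)
    return items


def decoded_items(text: str) -> list:
    """Decode each raw item with the standard JSON parser, as a cross-check."""
    return [json.loads(item) for item in json_array_items(text)]


if __name__ == "__main__":
    print("naive:", naive_items(SAMPLE))
    print("fixed:", json_array_items(SAMPLE))
    print("decoded:", decoded_items(SAMPLE))
```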

Revision 1.39
Sat Jul 2 09:24:34 2022 UTC (2 years, 5 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2, pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since revision 1.38: +4 -4 lines
exim exim-html: updated to 4.96

New stuff we've added since 4.95:

  - A new ACL condition: seen. Records/tests a timestamp against a key.
  - A variant of the "mask" expansion operator to give normalised IPv6.
  - UTC output option for exim_dumpdb, exim_fixdb.
  - An event for failing TLS connects to the daemon.
  - The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
  - Query-style lookups are now checked for quoting, if the query string is
     built using untrusted data ("tainted").  For now lack of quoting is merely
     logged; a future release will upgrade this to an error.
  - The expansion conditions match_<list-type> and inlist now set $value for
     the expansion of the "true" result of the ${if}.  With a static list, this
     can be used for de-tainting.

Notable removals since 4.95:

   - the "allow_insecure_tainted_data" main config option and the
     "taint" log_selector.  These were deprecated in the 4.95 release.

Revision 1.38
Sun Nov 14 20:19:08 2021 UTC (3 years ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since revision 1.37: +4 -4 lines
exim exim-html: updated to 4.95

Version 4.95
------------

 1. The fast-ramp two phase queue run support, previously experimental, is
    now supported by default.

 2. The native SRS support, previously experimental, is now supported. It is
    not built unless specified in the Local/Makefile.

 3. TLS resumption support, previously experimental, is now supported and
    included in default builds.

 4. Single-key LMDB lookups, previously experimental, are now supported.
    The support is not built unless specified in the Local/Makefile.

 5. Option "message_linelength_limit" on the smtp transport to enforce (by
    default) the RFC 998 character limit.

 6. An option to ignore the cache on a lookup.

 7. Quota checking during reception (i.e. at SMTP time) for appendfile-
    transport-managed quotas.

 8. Sqlite lookups accept a "file=<path>" option to specify a per-operation
    db file, replacing the previous prefix to the SQL string (which had
    issues when the SQL used tainted values).

 9. Lsearch lookups accept a "ret=full" option, to return both the portion
    of the line matching the key, and the remainder.

10. A command-line option to have a daemon not create a notifier socket.

11. Faster TLS startup.  When various configuration options contain no
    expandable elements, the information can be preloaded and cached rather
    than the previous behaviour of always loading at startup time for every
    connection.  This helps particularly for the CA bundle.

12. Proxy Protocol Timeout is configurable via "proxy_protocol_timeout"
    main config option.

13. Option "smtp_accept_max_per_connection" is now expanded.

14. Log selector "queue_size_exclusive", enabled by default, to exclude the
    time taken for reception from QT log elements.

15. Main option "smtp_backlog_monitor", to set a level above which listen
    socket backlogs are logged.

16. Main option "hosts_require_helo", requiring HELO or EHLO before MAIL.

17. A main config option "allow_insecure_tainted_data" allows to turn

18. TLS ALPN handling.  By default, refuse TLS connections that try to specify
    a non-smtp (eg. http) use.  Options for customising.

19. Support for MacOS (darwin) has been dropped.

Revision 1.37
Tue Oct 26 10:54:00 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
Changes since revision 1.36: +2 -2 lines
mail: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles were unfetchable (possibly fetched
conditionally?):

./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch

Revision 1.36
Thu Oct 7 14:25:17 2021 UTC (3 years, 2 months ago) by nia
Branches: MAIN
Changes since revision 1.35: +1 -2 lines
mail: Remove SHA1 hashes for distfiles

Revision 1.35
Mon Jun 1 19:42:48 2020 UTC (4 years, 6 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since revision 1.34: +5 -5 lines
exim exim-html: updated to 4.94

Exim version 4.94
-----------------

JH/01 Avoid costly startup code when not strictly needed.  This reduces time
      for some exim process initialisations.  It does mean that the logging
      of TLS configuration problems is only done for the daemon startup.

JH/02 Early-pipelining support code is now included unless disabled in Makefile.

JH/03 DKIM verification defaults no longer accept sha1 hashes, to conform to
      RFC 8301.  They can still be enabled, using the dkim_verify_hashes main
      option.

JH/04 Support CHUNKING from an smtp transport using a transport_filter, when
      DKIM signing is being done.  Previously a transport_filter would always
      disable CHUNKING, falling back to traditional DATA.

JH/05 Regard command-line recipients as tainted.

JH/06 Bug 340: Remove the daemon pid file on exit, when due to SIGTERM.

JH/07 Bug 2489: Fix crash in the "pam" expansion condition.  It seems that the
      PAM library frees one of the arguments given to it, despite the
      documentation.  Therefore a plain malloc must be used.

JH/08 Bug 2491: Use tainted buffers for the transport smtp context.  Previously
      on-stack buffers were used, resulting in a taint trap when DSN information
      copied from a received message was written into the buffer.

JH/09 Bug 2493: Harden ARC verify against Outlook, which has been seen to mix
      the ordering of its ARC headers.  This caused a crash.

JH/10 Bug 2492: Use tainted memory for retry record when needed.  Previously when
      a new record was being constructed with information from the peer, a trap
      was taken.

JH/11 Bug 2494: Unset the default for dmarc_tld_file.  Previously a naive
      installation would get error messages from DMARC verify, when it hit the
      nonexistent file indicated by the default.  Distros wanting DMARC enabled
      should both provide the file and set the option.
      Also enforce no DMARC verification for command-line sourced messages.

JH/12 Fix an uninitialised flag in early-pipelining.  Previously connections
      could, depending on the platform, hang at the STARTTLS response.

JH/13 Bug 2498: Reset a counter used for ARC verify before handling another
      message on a connection.  Previously if one message had ARC headers and
      the following one did not, a crash could result when adding an
      Authentication-Results: header.

JH/14 Bug 2500: Rewind some of the common-coding in string handling between the
      Exim main code and Exim-related utilities.  The introduction of taint
      tracking also did many adjustments to string handling.  Since then, eximon
      frequently terminated with an assert failure.

JH/15 When PIPELINING, synch after every hundred or so RCPT commands sent and
      check for 452 responses.  This slightly helps the inefficiency of doing
      a large alias-expansion into a recipient-limited target.  The max_rcpt
      transport option still applies (and at the current default, will override
      the new feature).  The check is done for either cause of synch, and forces
      a fast-retry of all 452'd recipients using a new MAIL FROM on the same
      connection.  The new facility is not tunable at this time.

JH/16 Fix the variables set by the gsasl authenticator.  Previously a pointer to
      library live data was being used, so the results became garbage.  Make
      copies while it is still usable.

JH/17 Logging: when the deliver_time selector is set, include the DT= field
      on delivery deferred (==) and failed (**) lines (if a delivery was
      attempted).  Previously it was only on completion (=>) lines.

JH/18 Authentication: the gsasl driver now provides the $authN variables in time
      for the expansion of the server_scram_iter and server_scram_salt options.

WB/01 SPF: DNS lookups for the obsolete SPF RR type done by the libspf2 library
      are now specifically given a NO_DATA response without hitting the system
      resolver.  The library goes on to do the now-standard TXT lookup.
      Use of dnsdb lookups is not affected.

JH/19 Bug 2507: Modules: on handling a dynamic-module (lookups) open failure,
      only retrieve the errormessage once.  Previously two calls to dlerror()
      were used, and the second one (for mainlog/paniclog) retrieved null
      information.

JH/20 Taint checking: disallow use of tainted data for
      - the appendfile transport file and directory options
      - the pipe transport command
      - the autoreply transport file, log and once options
      - file names used by the redirect router (including filter files)
      - named-queue names
      - paths used by single-key lookups
      Previously this was permitted.

JH/21 Bug 2501: Fix init call in the heimdal authenticator.  Previously it
      adjusted the size of a major service buffer; this failed because the
      buffer was in use at the time.  Change to a compile-time increase in the
      buffer size, when this authenticator is compiled into exim.

JH/22 Taint-checking: move to safe-mode taint checking on all platforms.  The
      previous fast-mode was untenable in the face of glibc using mmap to
      support larger malloc requests.

PP/01 Update the openssl_options possible values through OpenSSL 1.1.1c.
      New values supported, if defined on system where compiled:
      allow_no_dhe_kex, cryptopro_tlsext_bug, enable_middlebox_compat,
      no_anti_replay, no_encrypt_then_mac, prioritize_chacha, tlsext_padding

JH/23 Performance improvement in the initial phase of a two-pass queue run.  By
      running a limited number of processes in parallel, a benefit is gained. The
      amount varies with the platform hardware and load.  The use of the option
      queue_run_in_order means we cannot do this, as ordering becomes
      indeterminate.

JH/24 Bug 2524: fix the cyrus_sasl auth driver gssapi usage.  A previous fix
      had introduced a string-copy (for ensuring NUL-termination) which was not
      appropriate for that case, which can include embedded NUL bytes in the
      block of data.  Investigation showed the copy to actually be needless, the
      data being length-specified.

JH/25 Fix use of concurrent TLS connections under GnuTLS.  When a callout was
      done during a receiving connection, and both used TLS, global info was
      used rather than per-connection info for tracking the state of data
      queued for transmission.  This could result in a connection hang.

JH/26 Fix use of the SIZE parameter on MAIL commands, on continued connections.
      Previously, when delivering several messages down a single connection
      only the first would provide a SIZE.  This was due to the size information
      not being properly tracked.

JH/27 Bug 2530: When operating in a timezone with sub-minute offset, such as
      TAI (at 37 seconds currently), pretend to be in UTC for time-related
      expansion and logging.  Previously, spurious values such as a future
      minute could be seen.

JH/28 Bug 2533: Fix expansion of ${tr } item.  When called in some situations
      it could crash from a null-deref.  This could also affect the
      ${addresses: } operator and ${readsock } item.

JH/29 Bug 2537: Fix $mime_part_count.  When a single connection had a non-mime
      message following a mime one, the variable was not reset.

JH/30 When a pipelined-connect fails at the first response, assume incorrect
      cached capability (perhaps the peer reneged?) and immediately retry in
      non-pipelined mode.

JH/31 Fix spurious detection of timeout while writing to transport filter.

JH/32 Bug 2541: Fix segfault on bad cmdline -f (sender) argument.  Previously
      an attempt to copy the string was made before checking it.

JH/33 Fix the dsearch lookup to return an untainted result.  Previously the
      taint of the lookup key was maintained; we now regard the presence in the
      filesystem as sufficient validation.

JH/34 Fix the readsocket expansion to not segfault when an empty "options"
      argument is supplied.

JH/35 The dsearch lookup now requires that the directory is an absolute path.
      Previously this was not checked, and nonempty relative paths made an
      access under Exim's current working directory.

JH/36 Bug 2554: Fix msg:defer event for the hosts_max_try_hardlimit case.
      Previously no event was raised.

JH/37 Bug 2552: Fix the check on spool space during reception to use the SIZE
      parameter supplied by the sender MAIL FROM command.  Previously it was
      ignored, and only the check_spool_space option value for the required
      leeway checked.

JH/38 Fix $dkim_key_length.  This should, after a DKIM verification, present
      the size of the signing public-key.  Previously it was instead giving
      the size of the signature hash.

JH/39 DKIM verification: the RFC 8301 restriction on sizes of RSA keys is now
      the default.  See the (new) dkim_verify_min_keysizes option.

JH/40 Fix a memory-handling bug: when a connection carried multiple messages
      and an ACL uses a lookup for checking either the local_part or domain,
      stale data could be accessed.  Ensure that variable references are
      dropped between messages.

JH/41 Bug 2571: Fix SPA authenticator.  Running as a server, an offset supplied
      by the client was not checked as pointing within response data before
      being used.  A malicious client could thus cause an out-of-bounds read and
      possibly gain authentication.  Fix by adding the check.

JH/42 Internationalisation: change the default for downconversion in the smtp
      transport to be "if needed".  Previously it was "as previously set" for
      the message, which usually meant "if needed" for message-submission but
      "no" for everything else.  However, MTAs have been seen using SMTPUTF8
      even when the envelope addresses did not need it, resulting in forwarding
      failures to non-supporting MTAs.  A downconvert in such cases will be
      a no-op on the addresses, merely dropping the use of SMTPUTF8 by the
      transport.  The change does mean that addresses needing conversion will
      be converted when previously a delivery failure would occur.

JH/43 Fix possible long line in DSN.  Previously when a very long SMTP error
      response was received it would be used unchecked in a fail-DSN, violating
      standards on line-length limits.  Truncate if needed.

HS/01 Remove parameters of the link to www.open-spf.org. The linked form
      doesn't work. (Additionally add a new main config option to configure the
      spf_smtp_comment)

Revision 1.34
Mon Dec 9 18:46:01 2019 UTC (5 years ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since revision 1.33: +5 -5 lines
exim: updated to 4.93

Exim version 4.93
-----------------

JH/01 OpenSSL: With debug enabled output keying information sufficient, server
      side, to decode a TLS 1.3 packet capture.

JH/02 OpenSSL: Suppress the sending of (stateful) TLS1.3 session tickets.
      Previously the default library behaviour applied, sending two, each in
      its own TCP segment.

JH/03 Debug output for ACL now gives the config file name and line number for
      each verb.

JH/04 The default received_header_text now uses the RFC 8314 tls cipher clause.

JH/05 DKIM: ensure that dkim_domain elements are lowercased before use.

JH/06 Fix buggy handling of autoreply bounce_return_size_limit, and a possible
      buffer overrun for (non-chunking) other transports.

JH/07 GnuTLS: Our use of late (post-handshake) certificate verification, under
      TLS1.3, means that a server rejecting a client certificate is not visible
      to the client until the first read of encrypted data (typically the
      response to EHLO).  Add detection for that case and treat it as a failed
      TLS connection attempt, so that the normal retry-in-clear can work (if
      suitably configured).

JB/01 Bug 2375: fix expansions of 822 addresses having comments in local-part
      and/or domain.  Found and fixed by Jason Betts.

JH/08 Add hardening against SRV & TLSA lookups that hit CNAMEs (a nonvalid
      configuration).  If a CNAME target was not a wellformed name pattern, a
      crash could result.

JH/09 Logging: Fix initial listening-on line for multiple ports for an IP when
      the OS reports them interleaved with other addresses.

JH/10 OpenSSL: Fix aggregation of messages.  Previously, when PIPELINING was
      used both for input and for a verify callout, both encrypted, SMTP
      responses being sent by the server could be lost.  This resulted in
      dropped connections and sometimes bounces generated by a peer sending
      to this system.

JH/11 Harden plaintext authenticator against a badly misconfigured client-send
      string.  Previously it was possible to cause undefined behaviour in a
      library routine (usually a crash).  Found by "zerons".

JH/12 Bug 2384: fix "-bP smtp_receive_timeout".  Previously it returned no
      output.

JH/13 Bug 2386: Fix builds with Dane under LibreSSL 2.9.0 onward.  Some old
      API was removed, so update to use the newer ones.

JH/14 Bug 1891: Close the log file if receiving a non-smtp message, without
      any timeout set, is taking a long time.  Previously we would hang on to a
      rotated logfile "forever" if the input was arriving with long gaps
      (a previous attempt to fix addressed lack, for a long time, of initial
      input).

HS/01 Bug 2390: Use message_id for tempfile creation to avoid races in a
      shared (NFS) environment. The length of the tempfile name is now
      4 + 16 ("hdr.$message_exim_id") which might break on file
      systems which restrict the file name length to lower values.
      (It was "hdr.$pid".)

HS/02 Bug 2390: Use message_id for tempfile creation to avoid races in a
      shared (NFS) environment.

HS/03 Bug 2392: exigrep does case sensitive *option* processing (as it
      did for all versions <4.90). Notably -M, -m, --invert, -I may be
      affected.

JH/15 Use unsigned when creating bitmasks in macros, to avoid build errors
      on some platforms for bit 31.

JH/16 GnuTLS: rework ciphersuite strings under recent library versions.  Thanks
      to changes apparently associated with TLS1.3 handling some of the APIs
      previously used were either nonfunctional or inappropriate.  Strings
      like TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM__AEAD:256
      and TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_128_CBC__SHA256:128 replace
      the previous TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 .
      This affects log line X= elements, the $tls_{in,out}_cipher variables,
      and the use of specific cipher names in the encrypted= ACL condition.

JH/17 OpenSSL: the default openssl_options now disables ssl_v3.

JH/18 GnuTLS: fix $tls_out_ocsp under hosts_request_ocsp. Previously the
      verification result was not updated unless hosts_require_ocsp applied.

JH/19 Bug 2398: fix listing of a named-queue.  Previously, even with the option
      queue_list_requires_admin set to false, non-admin users were denied the
      facility.

JH/20 Bug 2389: fix server advertising of usable certificates, under GnuTLS in
      directory-of-certs mode.  Previously they were advertised despite the
      documentation.

JH/21 The smtp transport option "hosts_noproxy_tls" is now unset by default.
      A single TCP connection by a client will now hold a TLS connection open
      for multiple message deliveries, by default.  Previously the default was to
      not do so.

JH/22 The smtp transport option "hosts_try_dane" now enables all hosts by
      default.  If built with the facility, DANE will be used.  The facility
      SUPPORT_DANE is now enabled in the prototype build Makefile "EDITME".

JH/23 The build default is now for TLS to be included; the SUPPORT_TLS define
      is replaced with DISABLE_TLS.  Either USE_GNUTLS or (the new) USE_OPENSSL
      must be defined and you must still, unless you define DISABLE_TLS, manage
      the include-dir and library-file requirements that go with that
      choice.  Non-TLS builds are still supported.

JH/24 Fix duplicated logging of peer name/address, on a transport connection-
      reject under TFO.

JH/25 The smtp transport option "hosts_try_fastopen" now enables all hosts by
      default.  If the platform supports and has the facility enabled, it will
      be requested on all connections.

JH/26 The PIPE_CONNECT facility is promoted from experimental status and is now
      controlled by the build-time option SUPPORT_PIPE_CONNECT.

PP/01 Unbreak heimdal_gssapi, broken in 4.92.

JH/27 Bug 2404: Use the main-section configuration option "dsn_from" for
      success-DSN messages.  Previously the From: header was always the default
      one for these; the option was ignored.

JH/28 Fix the timeout on smtp response to apply to the whole response.
      Previously it was reset for every read, so a teergrubing peer sending
      single bytes within the time limit could extend the connection for a
      long time.  Credit to Qualys Security Advisory Team for the discovery.

JH/29 Fix DSN Final-Recipient: field.  Previously it was the post-routing
      delivery address, which leaked information of the results of local
      forwarding.  Change to the original envelope recipient address, per
      standards.

JH/30 Bug 2411: Fix DSN generation when RFC 3461 failure notification is
      requested.  Previously no bounce was generated and a log entry of
      error ignored was made.

JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917)

JH/32 Introduce a general tainting mechanism for values read from the input
      channel, and values derived from them.  Refuse to expand any tainted
      values, to catch one form of exploit.

JH/33 Bug 2413: Fix dkim_strict option.  Previously the expansion result
      was unused and the unexpanded text used for the test.  Found and
      fixed by Ruben Jenster.

JH/34 Fix crash after TLS shutdown.  When the TCP/SMTP channel was left open,
      an attempt to use a TLS library read routine dereferenced a NULL pointer,
      causing a segfault.

JH/35 Bug 2409: filter out-of-spec chars from callout response before using
      them in our smtp response.

JH/36 Have the general router option retry_use_local_part default to true when
      any of the restrictive preconditions are set (to anything).  Previously it
      was only for check_local_user.  The change removes one item of manual
      configuration which is required for proper retries when a remote router
      handles a subset of addresses for a domain.

JH/37 Appendfile: when evaluating quota use (non-quota_size_regex) take the file
      link count into consideration.

HS/04 Fix handling of very long lines in -H files. If a -<key> <value> line
      caused the extension of big_buffer, the following lines were ignored.

JH/38 Bug 1395: Teach the DNS negative-cache about TTL value from the SOA in
      accordance with RFC 2308.  Previously there was no expiry, so a longlived
      receive process (eg. due to ACL delays) versus a short SOA value could
      surprise.

HS/05 Handle trailing backslash gracefully. (CVE-2019-15846)

JH/39 Promote DMARC support to mainline.

JH/40 Bug 2452: Add a References: header to DSNs.

JH/41 With GnuTLS 3.6.0 (and later) do not attempt to manage Diffie-Hellman
      parameters.  The relevant library call is documented as "Deprecated: This
      function is unnecessary and discouraged on GnuTLS 3.6.0 or later. Since
      3.6.0, DH parameters are negotiated following RFC7919."

HS/06 Change the default of dnssec_request_domains to "*"

JH/42 Bug 2545: Fix CHUNKING for all RCPT commands rejected.  Previously we
      carried on and emitted a BDAT command, even when PIPELINING was not
      active.

JH/43 Bug 2465: Fix taint-handling in dsearch lookup.  Previously a nontainted
      buffer was used for the filename, resulting in a trap when tainted
      arguments (eg. $domain) were used.

JH/44 With OpenSSL 1.1.1 (onwards) disable renegotiation for TLS1.2 and below;
      recommended to avoid a possible server-load attack.  The feature can be
      re-enabled via the openssl_options main configuration option.

JH/45 local_scan API: documented the current smtp_printf() call. This changed
      for version 4.90 - adding a "more data" boolean to the arguments.
      Bumped the ABI version number also, this having been missed previously;
      release versions 4.90 to 4.92.3 inclusive were effectively broken in
      respect of usage of smtp_printf() by either local_scan code or libraries
      accessed via the ${dlfunc } expansion item.  Both will need coding
      adjustment for any calls to smtp_printf() to match the new function
      signature; a FALSE value for the new argument is always safe.

JH/46 FreeBSD: fix use of the sendfile() syscall.  The shim was not updating
      the file-offset (which the Linux syscall does, and exim expects); this
      resulted in an indefinite loop.

JH/47 ARC: fix crash in signing, triggered when a configuration error failed
      to do ARC verification.  The Authentication-Results: header line added
      by the configuration then had no ARC item.
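
The JH/28 entry above describes the difference between a timeout that restarts on every read and one that covers the whole SMTP reply. The following Python script is an added illustration written for this page, not Exim code: it reads an SMTP reply both ways and simulates a teergrubing peer with a socketpair and a thread that dribbles the reply one byte at a time. The reply text, the 0.6 s budget and the 0.15 s inter-byte gap are constructed for the demonstration.

```python
"""Whole-reply deadline versus per-read timeout when reading an SMTP reply.

Added example, not Exim's own code.  The reply, the timeout and the
inter-byte interval are constructed values chosen so the per-read timer
never fires while the whole-reply budget does.
"""
import select
import socket
import threading
import time


def read_smtp_response(sock, timeout, per_read=False):
    """Read one SMTP reply (single- or multi-line) from sock.

    per_read=True  : the timer restarts after every successful read (the
                     behaviour JH/28 describes as the bug).
    per_read=False : one deadline covers the whole reply.
    Returns the reply text, or None if the timeout fires or the peer closes
    before the final "NNN " line arrives.
    """
    deadline = time.monotonic() + timeout
    buf = b""
    while True:
        if per_read:
            remaining = timeout                      # timer reset on every read
        else:
            remaining = deadline - time.monotonic()  # single budget for the reply
            if remaining <= 0:
                return None
        ready, _, _ = select.select([sock], [], [], remaining)
        if not ready:
            return None
        chunk = sock.recv(4096)
        if not chunk:
            return None
        buf += chunk
        lines = buf.split(b"\r\n")
        # The reply is complete when the last terminated line has a space,
        # not a dash, after the three-digit code (RFC 5321 section 4.2.1).
        if len(lines) >= 2 and len(lines[-2]) >= 4 and lines[-2][3:4] == b" ":
            return buf.decode("ascii", "replace")


def dribbling_peer(sock, reply, interval):
    """Send reply one byte at a time, pausing `interval` seconds between bytes."""
    try:
        for i in range(len(reply)):
            sock.sendall(reply[i:i + 1])
            time.sleep(interval)
    except OSError:
        pass                      # the client gave up and closed its end
    finally:
        sock.close()


def simulate(per_read, timeout=0.6, interval=0.15):
    """Return what the client reads from a peer that needs 8 * interval
    seconds to finish a "250 OK" reply while the client allows `timeout`."""
    client, server = socket.socketpair()
    peer = threading.Thread(target=dribbling_peer,
                            args=(server, b"250 OK\r\n", interval), daemon=True)
    peer.start()
    try:
        return read_smtp_response(client, timeout, per_read=per_read)
    finally:
        client.close()
        peer.join()


if __name__ == "__main__":
    print("per-read timeout :", repr(simulate(per_read=True)))
    print("whole-reply limit:", repr(simulate(per_read=False)))
```

With the per-read timer the dribbled reply is accepted after roughly 1.05 s even though no single wait exceeds 0.6 s; with the whole-reply deadline the client gives up at 0.6 s. The same budget-per-reply idea applies to any line-oriented protocol where a peer controls the pacing of its own output.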

Revision 1.33: download - view: text, markup, annotated - select for diffs
Mon Sep 30 19:25:58 2019 UTC (5 years, 2 months ago) by wiedi
Branches: MAIN
CVS tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +5 -5 lines
exim: update to 4.92.3

Fix for CVE-2019-16928

Revision 1.32: download - view: text, markup, annotated - select for diffs
Fri Sep 6 13:21:35 2019 UTC (5 years, 3 months ago) by adam
Branches: MAIN
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +5 -5 lines
exim-html: updated to 4.92.2

keep up with exim

Revision 1.31: download - view: text, markup, annotated - select for diffs
Sun Feb 24 20:31:00 2019 UTC (5 years, 9 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +5 -5 lines
exim: updated to 4.92

4.92:
New features include:
- ${l_header:<name>} expansion
- ${readsocket} now supports TLS
- "utf8_downconvert" option (if built with SUPPORT_I18N)
- "pipelining" log_selector
- JSON variants for ${extract } expansion
- "noutf8" debug option
- TCP Fast Open support on MacOS

Revision 1.30: download - view: text, markup, annotated - select for diffs
Mon Apr 23 07:28:18 2018 UTC (6 years, 7 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +5 -5 lines
exim: updated to 4.91

Version 4.91

 1. Dual-certificate stacks on servers now support OCSP stapling, under GnuTLS
    version 3.5.6 or later.

 2. DANE is now supported under GnuTLS version 3.0.0 or later.  Both GnuTLS and
    OpenSSL versions are moved to mainline support from Experimental.
    New SMTP transport option "dane_require_tls_ciphers".

 3. Feature macros for the compiled-in set of malware scanner interfaces.

 4. SPF support is promoted from Experimental to mainline status.  The template
    src/EDITME makefile does not enable its inclusion.

 5. Logging control for DKIM verification.  The existing DKIM log line is
    controlled by a "dkim_verbose" selector which is _not_ enabled by default.
    A new tag "DKIM=<domain>" is added to <= lines by default, controlled by
    a "dkim" log_selector.

 6. Receive duration on <= lines, under a new log_selector "receive_time".

 7. Options "ipv4_only" and "ipv4_prefer" on the dnslookup router and on
    routing rules in the manualroute router.

 8. Expansion item ${sha3:<string>} / ${sha3_<N>:<string>} now also supported
    under OpenSSL version 1.1.1 or later.

 9. DKIM operations can now use the Ed25519 algorithm in addition to RSA, under
    GnuTLS 3.6.0 or OpenSSL 1.1.1 or later.

10. Builtin feature-macros _CRYPTO_HASH_SHA3 and _CRYPTO_SIGN_ED25519, library
    version dependent.

11. "exim -bP macro <name>" returns caller-usable status.

12. Expansion item ${authresults {<machine>}} for creating an
    Authentication-Results: header.

13. EXPERIMENTAL_ARC.  See the experimental.spec file.
    See also new util/renew-opendmarc-tlds.sh script for use with DMARC/ARC.

14. A dane:fail event, intended to facilitate reporting.

15. "Lightweight" support for Redis Cluster. Requires redis_servers list to
    contain all the servers in the cluster, all of which must be reachable from
    the running exim instance. If the cluster has master/slave replication, the
    list must contain all the master and slave servers.

16. Add an option to the Avast scanner interface: "pass_unscanned". This
    allows unscanned files to be treated as clean. Files may be unscanned for
    several reasons: decompression bombs, broken archives.

Revision 1.28.10.1: download - view: text, markup, annotated - select for diffs
Thu Mar 8 20:22:05 2018 UTC (6 years, 9 months ago) by spz
Branches: pkgsrc-2017Q4
Diff to: previous 1.28: preferred, colored; next MAIN 1.29: preferred, colored
Changes since revision 1.28: +5 -5 lines
Pullup ticket #5719 - requested by maya
mail/exim-html: security update

Revisions pulled up:
- mail/exim-html/Makefile                                       1.36
- mail/exim-html/PLIST                                          1.17
- mail/exim-html/distinfo                                       1.29
- mail/exim/Makefile                                            1.158
- mail/exim/distinfo                                            1.68
- mail/exim/files/Makefile-DragonFly                            deleted
- mail/exim/files/os.h-DragonFly                                deleted

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Mar  7 08:24:47 UTC 2018

   Modified Files:
           pkgsrc/mail/exim: Makefile distinfo
           pkgsrc/mail/exim-html: Makefile PLIST distinfo
   Removed Files:
           pkgsrc/mail/exim/files: Makefile-DragonFly os.h-DragonFly

   Log Message:
   exim: updated to 4.90.1

   Exim version 4.90.1

   JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
         Previously only the last row was returned.

   JH/04 Bug 2217: Tighten up the parsing of DKIM signature headers. Previously
         we assumed that tags in the header were well-formed, and parsed the
         element content after inspecting only the first char of the tag.
         Assumptions at that stage could crash the receive process on malformed
         input.

   JH/05 Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
         While running the DKIM ACL we operate on the Permanent memory pool so that
         variables created with "set" persist to the DATA ACL.  Also (at any time)
         DNS lookups that fail create cache records using the Permanent pool.  But
         expansions release any allocations made on the current pool - so a dnsdb
         lookup expansion done in the DKIM ACL releases the memory used for the
         DNS negative-cache, and bad things result.  Solution is to switch to the
         Main pool for expansions.
         While we're in that code, add checks on the DNS cache during store_reset,
         active in the testsuite.
         Problem spotted, and debugging aided, by Wolfgang Breyha.

   JH/06 Fix issue with continued-connections when the DNS shifts unreliably.
         When none of the hosts presented to a transport match an already-open
         connection, close it and proceed with the list.  Previously we would
         queue the message.  Spotted by Lena with Yahoo, probably involving
         round-robin DNS.

   JH/07 Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
         Previously a spurious "250 OK id=" response was appended to the proper
         failure response.

   JH/10 Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
         rows affected is given instead).

   JH/12 Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
         SMTP connection.  Previously, when one had more recipients than the
         first, an abortive onward connection was made.  Move to full support for
         multiple onward connections in sequence, handling cutthrough connection
         for all multi-message initiating connections.

   JH/13 Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
         routers.  Previously, a multi-recipient message would fail to match the
         onward-connection opened for the first recipient, and cause its closure.

   JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
         a timeout on read on a GnuTLS initiating connection, resulting in the
         initiating connection being dropped.  This mattered most when the callout
         was marked defer_ok.  Fix to keep the two timeout-detection methods
         separate.

   HS/01 Fix Buffer overflow in base64d() (CVE-2018-6789)

   JH/16 Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
         metadata, resulting in a crash in free().

   PP/01 Fix broken Heimdal GSSAPI authenticator integration.
         Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
         Broken also in d185889f4, with init system revamp.


   To generate a diff of this commit:
   cvs rdiff -u -r1.157 -r1.158 pkgsrc/mail/exim/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/mail/exim/distinfo
   cvs rdiff -u -r1.35 -r1.36 pkgsrc/mail/exim-html/Makefile
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/exim-html/PLIST
   cvs rdiff -u -r1.28 -r1.29 pkgsrc/mail/exim-html/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/mail/exim/files/Makefile-DragonFly \
       pkgsrc/mail/exim/files/os.h-DragonFly

Revision 1.29: download - view: text, markup, annotated - select for diffs
Wed Mar 7 08:24:47 2018 UTC (6 years, 9 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +5 -5 lines
exim: updated to 4.90.1

Exim version 4.90.1

JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
      Previously only the last row was returned.

JH/04 Bug 2217: Tighten up the parsing of DKIM signature headers. Previously
      we assumed that tags in the header were well-formed, and parsed the
      element content after inspecting only the first char of the tag.
      Assumptions at that stage could crash the receive process on malformed
      input.

JH/05 Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
      While running the DKIM ACL we operate on the Permanent memory pool so that
      variables created with "set" persist to the DATA ACL.  Also (at any time)
      DNS lookups that fail create cache records using the Permanent pool.  But
      expansions release any allocations made on the current pool - so a dnsdb
      lookup expansion done in the DKIM ACL releases the memory used for the
      DNS negative-cache, and bad things result.  Solution is to switch to the
      Main pool for expansions.
      While we're in that code, add checks on the DNS cache during store_reset,
      active in the testsuite.
      Problem spotted, and debugging aided, by Wolfgang Breyha.

JH/06 Fix issue with continued-connections when the DNS shifts unreliably.
      When none of the hosts presented to a transport match an already-open
      connection, close it and proceed with the list.  Previously we would
      queue the message.  Spotted by Lena with Yahoo, probably involving
      round-robin DNS.

JH/07 Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
      Previously a spurious "250 OK id=" response was appended to the proper
      failure response.

JH/10 Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
      rows affected is given instead).

JH/12 Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
      SMTP connection.  Previously, when one had more recipients than the
      first, an abortive onward connection was made.  Move to full support for
      multiple onward connections in sequence, handling cutthrough connection
      for all multi-message initiating connections.

JH/13 Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
      routers.  Previously, a multi-recipient message would fail to match the
      onward-connection opened for the first recipient, and cause its closure.

JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
      a timeout on read on a GnuTLS initiating connection, resulting in the
      initiating connection being dropped.  This mattered most when the callout
      was marked defer_ok.  Fix to keep the two timeout-detection methods
      separate.

HS/01 Fix Buffer overflow in base64d() (CVE-2018-6789)

JH/16 Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
      metadata, resulting in a crash in free().

PP/01 Fix broken Heimdal GSSAPI authenticator integration.
      Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
      Broken also in d185889f4, with init system revamp.

Revision 1.28: download - view: text, markup, annotated - select for diffs
Sat Mar 18 07:08:23 2017 UTC (7 years, 8 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2017Q4-base, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1
Branch point for: pkgsrc-2017Q4
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +5 -5 lines
Version 4.89
------------

 1. Allow relative config file names for ".include"

 2. A main-section config option "debug_store" to control the checks on
    variable locations during store-reset.  Normally false but can be enabled
    when a memory corruption issue is suspected on a production system.

Revision 1.27: download - view: text, markup, annotated - select for diffs
Sat Apr 9 10:49:39 2016 UTC (8 years, 8 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +5 -5 lines
Version 4.87

 1. The ACL conditions regex and mime_regex now capture substrings
    into numeric variables $regex1 to 9, like the "match" expansion condition.

 2. New $callout_address variable records the address used for a spam=,
    malware= or verify= callout.

 3. Transports now take a "max_parallel" option, to limit concurrency.

 4. Expansion operators ${ipv6norm:<string>} and ${ipv6denorm:<string>}.
    The latter expands to an 8-element colon-sep set of hex digits including
    leading zeroes. A trailing ipv4-style dotted-decimal set is converted
    to hex.  Pure ipv4 addresses are converted to IPv4-mapped IPv6.
    The former operator strips leading zeroes and collapses the longest
    set of 0-groups to a double-colon.

 5. New "-bP config" support, to dump the effective configuration.

 6. New $dkim_key_length variable.

 7. New base64d and base64 expansion items (the existing str2b64 being a
    synonym of the latter).  Add support in base64 for certificates.

 8. New main configuration option "bounce_return_linesize_limit" to
    avoid oversize bodies in bounces. The default value matches RFC
    limits.

 9. New $initial_cwd expansion variable.
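
Item 4 of the 4.87 notes describes what ${ipv6norm:} and ${ipv6denorm:} do without showing the parsing. The Python below is an added example for this page, not Exim's implementation: it parses the RFC 4291 text forms (including a trailing dotted-decimal part and the "::" gap), expands to eight zero-padded groups for the denorm case, and compresses for the norm case. Two details are this example's assumptions rather than statements about Exim: compression follows RFC 5952 (only runs of two or more zero groups, first run on a tie, lowercase hex), and a pure IPv4 input is treated as IPv4-mapped for both operators.

```python
"""ipv6norm / ipv6denorm semantics reimplemented in Python.

Added example, not Exim's code.  Parsing follows RFC 4291 section 2.2;
compression follows RFC 5952 section 4.2 (an assumption about how the
"longest set of 0-groups" rule is applied).
"""
HEX = set("0123456789abcdefABCDEF")


def _parse_ipv6_groups(text):
    """Return the eight 16-bit groups of an IPv6 address in any RFC 4291 text
    form, including a trailing dotted-decimal IPv4 part.  Raises ValueError
    on malformed input."""
    if text.count("::") > 1:
        raise ValueError("more than one '::' in %r" % text)
    head, sep, last = text.rpartition(":")
    if "." in last:
        # Trailing a.b.c.d becomes the last two hex groups.
        octets = last.split(".")
        if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
            raise ValueError("bad embedded IPv4 address %r" % last)
        b = [int(o) for o in octets]
        text = "%s%s%x:%x" % (head, sep, (b[0] << 8) | b[1], (b[2] << 8) | b[3])
    if "::" in text:
        left, right = text.split("::")
        lg = left.split(":") if left else []
        rg = right.split(":") if right else []
        if len(lg) + len(rg) > 7:
            raise ValueError("too many groups around '::' in %r" % text)
        groups = lg + ["0"] * (8 - len(lg) - len(rg)) + rg
    else:
        groups = text.split(":")
        if len(groups) != 8:
            raise ValueError("expected 8 groups in %r" % text)
    for g in groups:
        if not 1 <= len(g) <= 4 or not set(g) <= HEX:
            raise ValueError("bad hex group %r" % g)
    return [int(g, 16) for g in groups]


def _groups_for(text):
    # Assumption: a pure dotted-decimal address is treated as IPv4-mapped.
    return _parse_ipv6_groups(text if ":" in text else "::ffff:" + text)


def is_valid_ipv6(text):
    """True if text parses under the rules above (IPv6 or pure IPv4)."""
    try:
        _groups_for(text)
        return True
    except ValueError:
        return False


def ipv6denorm(text):
    """Eight colon-separated 4-hex-digit groups, leading zeros kept."""
    return ":".join("%04x" % g for g in _groups_for(text))


def ipv6norm(text):
    """Strip leading zeros and collapse the longest zero run to '::'."""
    groups = _groups_for(text)
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:          # strictly greater: first run wins ties
            best_start, best_len = i, j - i
        i = j
    hexg = ["%x" % g for g in groups]
    if best_len < 2:                  # RFC 5952: never compress a single group
        return ":".join(hexg)
    return ":".join(hexg[:best_start]) + "::" + ":".join(hexg[best_start + best_len:])


if __name__ == "__main__":
    for sample in ("2001:db8::1", "::ffff:192.0.2.1", "192.0.2.1", "2001:db8:0:0:1:0:0:1"):
        print("%-22s denorm=%s norm=%s" % (sample, ipv6denorm(sample), ipv6norm(sample)))
```

The denormalised form is what you want for string comparison or sorting in ACLs and lookups, since it is fixed-width; the normalised form matches what most tools log. Feed hostile input through is_valid_ipv6 first: the parser raises on extra "::", too many groups or non-hex characters rather than guessing.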

Revision 1.24.2.1: download - view: text, markup, annotated - select for diffs
Thu Mar 3 20:22:52 2016 UTC (8 years, 9 months ago) by bsiegert
Branches: pkgsrc-2015Q4
Diff to: previous 1.24: preferred, colored; next MAIN 1.25: preferred, colored
Changes since revision 1.24: +5 -5 lines
Pullup ticket #4942 - requested by wiedi
mail/exim: security fix

Revisions pulled up:
- mail/exim-html/Makefile                                       1.30-1.31
- mail/exim-html/PLIST                                          1.14
- mail/exim-html/distinfo                                       1.25-1.26
- mail/exim/Makefile                                            1.142-1.143
- mail/exim/distinfo                                            1.63-1.64
- mail/exim/patches/patch-aa                                    1.24

---
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sun Jan 10 20:55:57 UTC 2016

   Modified Files:
           pkgsrc/mail/exim: Makefile distinfo
           pkgsrc/mail/exim/patches: patch-aa

   Log Message:
   Update exim to 4.86.

   Exim version 4.86
   -----------------
   JH/01 Bug 1545: The smtp transport option "retry_include_ip_address" is now
         expanded.

   JH/02 The smtp transport option "multi_domain" is now expanded.

   JH/03 The smtp transport now requests PRDR by default, if the server offers
         it.

   JH/04 Certificate name checking on server certificates, when exim is a client,
         is now done by default.  The transport option tls_verify_cert_hostnames
         can be used to disable this per-host.  The build option
         EXPERIMENTAL_CERTNAMES is withdrawn.

   JH/05 The value of the tls_verify_certificates smtp transport and main options
         default to the word "system" to access the system default CA bundle.
         For GnuTLS, only version 3.0.20 or later.

   JH/06 Verification of the server certificate for a TLS connection is now tried
         (but not required) by default.  The verification status is now logged by
         default, for both outbound TLS and client-certificate supplying inbound
         TLS connections.

   JH/07 Changed the default rfc1413 lookup settings to disable calls.  Few
         sites use this now.

   JH/08 The EXPERIMENTAL_DSN compile option is no longer needed; all Delivery
         Status Notification (bounce) messages are now MIME format per RFC 3464.
         Support for RFC 3461 DSN options NOTIFY,ENVID,RET,ORCPT can be advertised
         under the control of the dsn_advertise_hosts option, and routers may
         have a dsn_lasthop option.

   JH/09 A timeout of 2 minutes is now applied to all malware scanner types by
         default, modifiable by a malware= option.  The list separator for
         the options can now be changed in the usual way.  Bug 68.

   JH/10 The smtp_receive_timeout main option is now expanded before use.

   JH/11 The incoming_interface log option now also enables logging of the
         local interface on delivery outgoing connections.

   JH/12 The cutthrough-routing facility now supports multi-recipient mails,
         if the interface and destination host and port all match.

   JH/13 Bug 344: The verify = reverse_host_lookup ACL condition now accepts a
         /defer_ok option.

   JH/14 Bug 1573: The spam= ACL condition now additionally supports Rspamd.
         Patch from Andrew Lewis.

   JH/15 Bug 670: The spamd_address main option (for the spam= ACL condition)
         now supports optional time-restrictions, weighting, and priority
         modifiers per server.  Patch originally by <rommer%active.by@localhost>.

   JH/16 The spamd_address main option now supports a mixed list of local
         and remote servers.  Remote servers can be IPv6 addresses, and
         specify a port-range.

   JH/17 Bug 68: The spamd_address main option now supports an optional
         timeout value per server.

   JH/18 Bug 1581: Router and transport options headers_add/remove can
         now have the list separator specified.

   JH/19 Bug 392: spamd_address, and clamd av_scanner, now support retry
         option values.

   JH/20 Bug 1571: Ensure that $tls_in_peerdn is set, when verification fails
         under OpenSSL.

   JH/21 Support for the A6 type of dns record is withdrawn.

   JH/22 Bug 608: The result of a QUIT or not-QUIT toplevel ACL now matters
         rather than the verbs used.

   JH/23 Bug 1572: Increase limit on SMTP confirmation message copy size
         from 255 to 1024 chars.

   JH/24 Verification callouts now attempt to use TLS by default.

   HS/01 DNSSEC options (dnssec_require_domains, dnssec_request_domains)
         are generic router options now. The defaults didn't change.

   JH/25 Bug 466: Add RFC2322 support for MIME attachment filenames.
         Original patch from Alexander Shikoff, worked over by JH.

   HS/02 Bug 1575: exigrep falls back to autodetection of compressed
         files if ZCAT_COMMAND is not executable.

   JH/26 Bug 1539: Add timeout/retry options on dnsdb lookups.

   JH/27 Bug 286: Support SOA lookup in dnsdb lookups.

   JH/28 Bug 1588: Do not use the A lookup following an AAAA for setting the FQDN.
         Normally benign, it bites when the pair was led to by a CNAME;
         modern usage is to not canonicalize the domain to a CNAME target
         (and we were inconsistent anyway for A-only vs AAAA+A).

   JH/29 Bug 1632: Removed the word "rejected" from line logged for ACL discards.

   JH/30 Check the forward DNS lookup for DNSSEC, in addition to the reverse,
         when evaluating $sender_host_dnssec.

   JH/31 Check the HELO verification lookup for DNSSEC, adding new
         $sender_helo_dnssec variable.

   JH/32 Bug 1397: Enable ECDHE on OpenSSL, just the NIST P-256 curve.

   JH/33 Bug 1346: Note MAIL cmd seen in -bS batch, to avoid smtp_no_mail log.

   JH/34 Bug 1648: Fix a memory leak seen with "mailq" and large queues.

   JH/35 Bug 1642: Fix support of $spam_ variables at delivery time.  Was
         documented as working, but never had.  Support all but $spam_report.

   JH/36 Bug 1659: Guard checking of input smtp commands against pseudo-command
         added for tls authenticator.

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Mon Jan 11 08:35:32 UTC 2016

   Modified Files:
           pkgsrc/mail/exim-html: Makefile PLIST distinfo

   Log Message:
   Match mail/exim version

---
   Module Name:    pkgsrc
   Committed By:   wiedi
   Date:           Wed Mar  2 20:13:18 UTC 2016

   Modified Files:
           pkgsrc/mail/exim: Makefile distinfo
           pkgsrc/mail/exim-html: Makefile distinfo

   Log Message:
   Update mail/exim and mail/exim-html to 4.86.2

   Exim version 4.86.2
   -------------------
   Portability release of 4.86.1

   Exim version 4.86.1
   -------------------
   HS/04 Add support for keep_environment and add_environment options.
         This fixes CVE-2016-1531.

   All installations having Exim set-uid root and using 'perl_startup' are
   vulnerable to a local privilege escalation. Any user who can start an
   instance of Exim (and this is normally *any* user) can gain root
   privileges. If you do not use 'perl_startup' you *should* be safe.

   New options
   -----------

   We had to introduce two new configuration options:

      keep_environment =
      add_environment =

   Both options are empty per default. That is, Exim cleans the complete
   environment on startup. This affects Exim itself and any subprocesses,
   as transports, that may call other programs via some alias mechanisms,
   as routers (queryprogram), lookups, and so on. This may affect used
   libraries (e.g. LDAP).

   ** THIS MAY BREAK your existing installation **

   If both options are not used in the configuration, Exim issues a warning
   on startup. This warning disappears if at least one of these options is
   used (even if set to an empty value).

   keep_environment should contain a list of trusted environment variables.
   (Do you trust PATH?). This may be a list of names and REs.

      keep_environment = ^LDAP_ : FOO_PATH

   To add (or override) variables, you can use add_environment:

      add_environment = <; PATH=/sbin:/usr/sbin

   New behaviour
   -------------

   Now Exim changes its working directory to / right after startup,
   even before reading its configuration. (Later Exim changes its working
   directory to $spool_directory, as usual.)

   Exim only accepts an absolute configuration file path now, when using
   the -C option.

Revision 1.26: download - view: text, markup, annotated - select for diffs
Wed Mar 2 20:13:18 2016 UTC (8 years, 9 months ago) by wiedi
Branches: MAIN
CVS tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +5 -5 lines
Update mail/exim and mail/exim-html to 4.86.2

Exim version 4.86.2
-------------------
Portability release of 4.86.1

Exim version 4.86.1
-------------------
HS/04 Add support for keep_environment and add_environment options.
      This fixes CVE-2016-1531.

All installations having Exim set-uid root and using 'perl_startup' are
vulnerable to a local privilege escalation. Any user who can start an
instance of Exim (and this is normally *any* user) can gain root
privileges. If you do not use 'perl_startup' you *should* be safe.

New options
-----------

We had to introduce two new configuration options:

   keep_environment =
   add_environment =

Both options are empty per default. That is, Exim cleans the complete
environment on startup. This affects Exim itself and any subprocesses,
as transports, that may call other programs via some alias mechanisms,
as routers (queryprogram), lookups, and so on. This may affect used
libraries (e.g. LDAP).

** THIS MAY BREAK your existing installation **

If both options are not used in the configuration, Exim issues a warning
on startup. This warning disappears if at least one of these options is
used (even if set to an empty value).

keep_environment should contain a list of trusted environment variables.
(Do you trust PATH?). This may be a list of names and REs.

   keep_environment = ^LDAP_ : FOO_PATH

To add (or override) variables, you can use add_environment:

   add_environment = <; PATH=/sbin:/usr/sbin

New behaviour
-------------

Now Exim changes its working directory to / right after startup,
even before reading its configuration. (Later Exim changes its working
directory to $spool_directory, as usual.)

Exim only accepts an absolute configuration file path now, when using
the -C option.
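
The 4.86.1 notes above (and the same text in the pullup-ticket copy earlier on this page) explain the keep_environment and add_environment options in prose. The Python below is an added example for this page, not Exim's code: it applies those two options, with the list syntax the notes use, to a constructed environment of the kind an unprivileged local user controls when starting a set-uid binary. Only two list features are modelled, the "<c" separator change and "^"-prefixed regex items; doubled-separator escaping and the rest of Exim's list syntax are out of scope. The variable names and values in UNTRUSTED_ENV are made up for the demonstration; PERL5OPT is included because the Perl interpreter reads it at startup, which is the kind of variable a cleaned environment must not pass through.

```python
"""Environment cleaning in the style of keep_environment / add_environment.

Added example, not Exim's code.  Models: everything is dropped unless its
name matches a keep_environment item (exact name, or a regex when the item
starts with '^'); add_environment then sets or overrides variables.
"""
import re

# Constructed environment, as an untrusted local user might supply it to a
# set-uid program.  PERL5OPT is honoured by the Perl interpreter on startup.
UNTRUSTED_ENV = {
    "PATH": "/tmp/evil:/usr/bin",
    "PERL5OPT": "-Mevil",
    "LDAP_CONF": "/etc/ldap.conf",
    "FOO_PATH": "/opt/foo",
    "HOME": "/home/user",
}


def split_list(value, default_sep=":"):
    """Split a colon-separated list; a leading "<c" changes the separator
    to c, as in   add_environment = <; PATH=/sbin:/usr/sbin   in the notes."""
    value = value.strip()
    sep = default_sep
    if value.startswith("<") and len(value) > 1:
        sep, value = value[1], value[2:]
    return [item.strip() for item in value.split(sep) if item.strip()]


def sanitize_environment(env, keep_environment="", add_environment=""):
    """Return the environment a subprocess would see.

    With both options empty the result is empty: that is the "cleans the
    complete environment on startup" behaviour the notes warn may break
    libraries such as LDAP that expect their variables.
    """
    items = split_list(keep_environment)
    patterns = [re.compile(item) for item in items if item.startswith("^")]
    names = {item for item in items if not item.startswith("^")}
    cleaned = {}
    for name, value in env.items():
        if name in names or any(p.search(name) for p in patterns):
            cleaned[name] = value
    for item in split_list(add_environment):
        name, eq, value = item.partition("=")
        if eq:                       # "NAME=value"; items without '=' are ignored
            cleaned[name] = value
    return cleaned


def demo():
    """Apply the two settings from the notes to the constructed environment."""
    return sanitize_environment(UNTRUSTED_ENV,
                                keep_environment="^LDAP_ : FOO_PATH",
                                add_environment="<; PATH=/sbin:/usr/sbin")


if __name__ == "__main__":
    for name, value in sorted(demo().items()):
        print("%s=%s" % (name, value))
```

The keep list is an allow-list by name, so the attacker-controlled PATH and PERL5OPT never reach a child, and PATH is re-created from a value the administrator chose rather than copied from the caller. When you write your own keep_environment, list only names you would trust from an arbitrary local user, which is the question the notes pose about PATH.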

Revision 1.25: download - view: text, markup, annotated - select for diffs
Mon Jan 11 08:35:31 2016 UTC (8 years, 11 months ago) by adam
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +5 -5 lines
Match mail/exim version

Revision 1.24: download - view: text, markup, annotated - select for diffs
Tue Nov 3 23:27:05 2015 UTC (9 years, 1 month ago) by agc
Branches: MAIN
CVS tags: pkgsrc-2015Q4-base
Branch point for: pkgsrc-2015Q4
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +2 -1 lines
Add SHA512 digests for distfiles for mail category

Problems found locating distfiles:
	Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
	Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
	Package pine: missing distfile fancy.patch.gz
	Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
	Package qmail: missing distfile badrcptto.patch
	Package qmail: missing distfile outgoingip.patch
	Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
	Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
	Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
	Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.23: download - view: text, markup, annotated - select for diffs
Sat Feb 14 07:33:19 2015 UTC (9 years, 9 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +4 -4 lines
Exim version 4.85
-----------------
TL/01 When running the test suite, the README says that variables such as
      no_msglog_check are global and can be placed anywhere in a specific
      test's script, however it was observed that placement needed to be near
      the beginning for it to behave that way. Changed the runtest perl
      script to read through the entire script once to detect and set these
      variables, reset to the beginning of the script, and then run through
      the script parsing/test process like normal.

TL/02 The BSD's have an arc4random API. One of the functions to induce
      adding randomness was arc4random_stir(), but it has been removed in
      OpenBSD 5.5. Detect this OpenBSD version and skip calling this
      function when detected.

JH/01 Expand the EXPERIMENTAL_TPDA feature.  Several different events now
      cause callback expansion.

TL/03 Bugzilla 1518: Clarify "condition" processing in routers; that
      syntax errors in an expansion can be treated as a string instead of
      logging or causing an error, due to the internal use of bool_lax
      instead of bool when processing it.

JH/02 Add EXPERIMENTAL_DANE, allowing for using the DNS as trust-anchor for
      server certificates when making smtp deliveries.

JH/03 Support secondary-separator specifier for MX, SRV, TLSA lookups.

JH/04 Add ${sort {list}{condition}{extractor}} expansion item.

TL/04 Bugzilla 1216: Add -M (related messages) option to exigrep.

TL/05 GitHub Issue 18: Adjust logic testing for true/false in redis lookups.
      Merged patch from Sebastian Wiedenroth.

JH/05 Fix results-pipe from transport process.  Several recipients, combined
      with certificate use, exposed issues where response data items split
      over buffer boundaries were not parsed properly.  This eventually
      resulted in duplicates being sent.  This issue only became common enough
      to notice due to the introduction of connection certificate information,
      the item size being so much larger.  Found and fixed by Wolfgang Breyha.

JH/06 Bug 1533: Fix truncation of items in headers_remove lists.  A fixed
      size buffer was used, resulting in syntax errors when an expansion
      exceeded it.

JH/07 Add support for directories of certificates when compiled with a GnuTLS
      version 3.3.6 or later.

JH/08 Rename the TPDA experimental facility to Event Actions.  The #ifdef
      is EXPERIMENTAL_EVENT, the main-configuration and transport options
      both become "event_action", the variables become $event_name, $event_data
      and $event_defer_errno.  There is a new variable $verify_mode, usable in
      routers, transports and related events.  The tls:cert event is now also
      raised for inbound connections, if the main configuration event_action
      option is defined.

TL/06 In test suite, disable OCSP for old versions of openssl which contained
      early OCSP support, but no stapling (appears to be less than 1.0.0).

JH/09 When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on
      server certificate names available under the smtp transport option
      "tls_verify_cert_hostname" now do not permit multi-component wildcard
      matches.

JH/10 Time-related extraction expansions from certificates now use the main
      option "timezone" setting for output formatting, and are consistent
      between OpenSSL and GnuTLS compilations.  Bug 1541.

JH/11 Fix a crash in mime ACL when meeting a zero-length, quoted or RFC2047-
      encoded parameter in the incoming message.  Bug 1558.

JH/12 Bug 1527: Autogrow buffer used in reading spool files.  Since they now
      include certificate info, eximon was claiming there were spoolfile
      syntax errors.

JH/13 Bug 1521: Fix ldap lookup for single-attr request, multiple-attr return.

JH/14 Log delivery-related information more consistently, using the sequence
      "H=<name> [<ip>]" wherever possible.

TL/07 Bug 1547: Omit RFCs from release. Draft and RFCs have licenses which
      are problematic for Debian distribution, omit them from the release
      tarball.

JH/15 Updates and fixes to the EXPERIMENTAL_DSN feature.

JH/16 Fix string representation of time values on 64bit time_t architectures.
      Bug 1561.

JH/17 Fix a null-indirection in certextract expansions when a nondefault
      output list separator was used.

Revision 1.22: download - view: text, markup, annotated - select for diffs
Sun Aug 17 08:16:58 2014 UTC (10 years, 3 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +4 -4 lines
Changes 4.84:
TL/01 Bugzilla 1506: Re-add a 'return NULL' to silence complaints from static
      checkers that were complaining about end of non-void function with no
      return.

JH/01 Bug 1513: Fix parsing of quoted parameter values in MIME headers.
      This was a regression introduced in 4.83 by another bugfix.

JH/02 Fix broken compilation when EXPERIMENTAL_DSN is enabled.

TL/02 Bug 1509: Fix exipick for enhanced spoolfile specification used when
      EXPERIMENTAL_DNS is enabled.

Revision 1.21: download - view: text, markup, annotated - select for diffs
Wed Jul 23 14:09:52 2014 UTC (10 years, 4 months ago) by adam
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +4 -4 lines
Changes 4.83:

 1. If built with the EXPERIMENTAL_PROXY feature enabled, Exim can be
    configured to expect an initial header from a proxy that will make the
    actual external source IP:host be used in exim instead of the IP of the
    proxy that is connecting to it.

 2. New verify option header_names_ascii, which will check to make sure
    there are no non-ASCII characters in header names.  Exim itself handles
    those non-ASCII characters, but downstream apps may not, so Exim can
    detect and reject if those characters are present.

 3. New expansion operator ${utf8clean:string} to replace malformed UTF8
    codepoints with valid ones.

 4. New malware type "sock".  Talks over a Unix or TCP socket, sending one
    command line and matching a regex against the return data for trigger
    and a second regex to extract malware_name.  The mail spoolfile name can
    be included in the command line.

 5. The smtp transport now supports options "tls_verify_hosts" and
    "tls_try_verify_hosts".  If either is set the certificate verification
    is split from the encryption operation. The default remains that a failed
    verification cancels the encryption.

 6. New SERVERS override of default ldap server list.  In the ACLs, an ldap
    lookup can now set a list of servers to use that is different from the
    default list.

 7. New command-line option -C for exiqgrep to specify alternate exim.conf
    file when searching the queue.

 8. OCSP now supports GnuTLS also, if you have version 3.1.3 or later of that.

 9. Support for DNSSEC on outbound connections.

10. New variables "tls_(in,out)_(our,peer)cert" and expansion item
    "certextract" to extract fields from them. Hash operators md5 and sha1
    work over them for generating fingerprints, and a new sha256 operator
    for them added.

11. PRDR is now supported by default.

12. OCSP stapling is now supported by default.

13. If built with the EXPERIMENTAL_DSN feature enabled, Exim will output
    Delivery Status Notification messages in MIME format, and negotiate
    DSN features per RFC 3461.

Revision 1.20: download - view: text, markup, annotated - select for diffs
Thu May 29 09:30:12 2014 UTC (10 years, 6 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +4 -4 lines
Updated mail/exim[-html] to 4.82.1

Revision 1.19: download - view: text, markup, annotated - select for diffs
Wed Oct 30 07:30:03 2013 UTC (11 years, 1 month ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +4 -4 lines
Version 4.82
 1. New command-line option -bI:sieve will list all supported sieve extensions
    of this Exim build on standard output, one per line.
    ManageSieve (RFC 5804) providers managing scripts for use by Exim should
    query this to establish the correct list to include in the protocol's
    SIEVE capability line.
 2. If the -n option is combined with the -bP option, then the name of an
    emitted option is not output, only the value (if visible to you).
    For instance, "exim -n -bP pid_file_path" should just emit a pathname
    followed by a newline, and no other text.
 3. When built with SUPPORT_TLS and USE_GNUTLS, the SMTP transport driver now
    has a "tls_dh_min_bits" option, to set the minimum acceptable number of
    bits in the Diffie-Hellman prime offered by a server (in DH ciphersuites)
    acceptable for security.  (Option accepted but ignored if using OpenSSL).
    Defaults to 1024, the old value.  May be lowered only to 512, or raised as
    far as you like.  Raising this may hinder TLS interoperability with other
    sites and is not currently recommended.  Lowering this will permit you to
    establish a TLS session which is not as secure as you might like.
    Unless you really know what you are doing, leave it alone.
 4. If not built with DISABLE_DNSSEC, Exim now has the main option
    dns_dnssec_ok; if set to 1 then Exim will initialise the resolver library
    to send the DO flag to your recursive resolver.  If you have a recursive
    resolver, which can set the Authenticated Data (AD) flag in results, Exim
    can now detect this.  Exim does not perform validation itself, instead
    relying upon a trusted path to the resolver.
    Current status: work-in-progress; $sender_host_dnssec variable added.
 5. DSCP support for outbound connections: on a transport using the smtp driver,
    set "dscp = ef", for instance, to cause the connections to have the relevant
    DSCP (IPv4 TOS or IPv6 TCLASS) value in the header.
    Similarly for inbound connections, there is a new control modifier, dscp,
    so "warn control = dscp/ef" in the connect ACL, or after authentication.
    Supported values depend upon system libraries.  "exim -bI:dscp" to list the
    ones Exim knows of.  You can also set a raw number 0..0x3F.
 6. The -G command-line flag is no longer ignored; it is now equivalent to an
    ACL setting "control = suppress_local_fixups".  The -L command-line flag
    is now accepted and forces use of syslog, with the provided tag as the
    process name.  A few other flags used by Sendmail are now accepted and
    ignored.
 7. New cutthrough routing feature.  Requested by a "control = cutthrough_delivery"
    ACL modifier; works for single-recipient mails which are received on and
    deliverable via SMTP.  Using the connection made for a recipient verify,
    if requested before the verify, or a new one made for the purpose while
    the inbound connection is still active.  The bulk of the mail item is copied
    direct from the inbound socket to the outbound (as well as the spool file).
    When the source notifies the end of data, the data acceptance by the destination
    is negotiated before the acceptance is sent to the source.  If the destination
    does not accept the mail item, for example due to content-scanning, the item
    is not accepted from the source and therefore there is no need to generate
    a bounce mail.  This is of benefit when providing a secondary-MX service.
    The downside is that delays are under the control of the ultimate destination
    system not your own.
    The Received-by: header on items delivered by cutthrough is generated
    early in reception rather than at the end; this will affect any timestamp
    included.  The log line showing delivery is recorded before that showing
    reception; it uses a new ">>" tag instead of "=>".
    To support the feature, verify-callout connections can now use ESMTP and TLS.
    The usual smtp transport options are honoured, plus a (new, default everything)
    hosts_verify_avoid_tls.
    New variable families named tls_in_cipher, tls_out_cipher etc. are introduced
    for specific access to the information for each connection.  The old names
    are present for now but deprecated.
    Not yet supported: IGNOREQUOTA, SIZE, PIPELINING.
 8. New expansion operators ${listnamed:name} to get the content of a named list
    and ${listcount:string} to count the items in a list.
 9. New global option "gnutls_allow_auto_pkcs11", defaults false.  The GnuTLS
    rewrite in 4.80 combines with GnuTLS 2.12.0 or later, to autoload PKCS11
    modules.  For some situations this is desirable, but we expect admin in
    those situations to know they want the feature.  More commonly, it means
    that GUI user modules get loaded and are broken by the setuid Exim being
    unable to access files specified in environment variables and passed
    through, thus breakage.  So we explicitly inhibit the PKCS11 initialisation
    unless this new option is set.
    Some older OS's with earlier versions of GnuTLS might not have pkcs11 ability,
    so have also added a build option which can be used to build Exim with GnuTLS
    but without trying to use any kind of PKCS11 support.  Uncomment this in the
    Local/Makefile:
    AVOID_GNUTLS_PKCS11=yes
10. The "acl = name" condition on an ACL now supports optional arguments.
    New expansion item "${acl {name}{arg}...}" and expansion condition
    "acl {{name}{arg}...}" are added.  In all cases up to nine arguments
    can be used, appearing in $acl_arg1 to $acl_arg9 for the called ACL.
    Variable $acl_narg contains the number of arguments.  If the ACL sets
    a "message =" value this becomes the result of the expansion item,
    or the value of $value for the expansion condition.  If the ACL returns
    accept the expansion condition is true; if reject, false.  A defer
    return results in a forced fail.
11. Routers and transports can now have multiple headers_add and headers_remove
    option lines.  The concatenated list is used.
12. New ACL modifier "remove_header" can remove headers before message gets
    handled by routers/transports.
13. New dnsdb lookup pseudo-type "a+".  A sequence of "a6" (if configured),
    "aaaa" and "a" lookups is done and the full set of results returned.
14. New expansion variable $headers_added with content from ACL add_header
    modifier (but not yet added to message).
15. New 8bitmime status logging option for received messages.  Log field "M8S".
16. New authenticated_sender logging option, adding to log field "A".
17. New expansion variables $router_name and $transport_name.  Useful
    particularly for debug_print as -bt commandline option does not
    require privilege whereas -d does.
18. If built with EXPERIMENTAL_PRDR, per-recipient data responses per a
    proposed extension to SMTP from Eric Hall.
19. The pipe transport has gained the force_command option, to allow
    decorating commands from user .forward pipe aliases with prefix
    wrappers, for instance.
20. Callout connections can now AUTH; the same controls as normal delivery
    connections apply.
21. Support for DMARC, using opendmarc libs, can be enabled. It adds new
    options: dmarc_forensic_sender, dmarc_history_file, and dmarc_tld_file.
    It adds new expansion variables $dmarc_ar_header, $dmarc_status,
    $dmarc_status_text, and $dmarc_used_domain.  It adds a new acl modifier
    dmarc_status.  It adds new control flags dmarc_disable_verify and
    dmarc_enable_forensic.
22. Add expansion variable $authenticated_fail_id, which is the username
    provided to the authentication method which failed.  It is available
    for use in subsequent ACL processing (typically quit or notquit ACLs).
23. New ACL modifier "udpsend" can construct a UDP packet to send to a given
    UDP host and port.
24. New ${hexquote:..string..} expansion operator converts non-printable
    characters in the string to \xNN form.
25. Experimental TPDA (Transport Post Delivery Action) function added.
    Patch provided by Axel Rau.
26. Experimental Redis lookup added. Patch provided by Warren Baker.

Revision 1.18: download - view: text, markup, annotated - select for diffs
Mon Oct 10 12:22:17 2011 UTC (13 years, 2 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +4 -4 lines
Match exim version

Revision 1.17: download - view: text, markup, annotated - select for diffs
Wed May 11 06:10:08 2011 UTC (13 years, 7 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +4 -4 lines
Updated docs for Exim 4.76

Revision 1.16: download - view: text, markup, annotated - select for diffs
Tue Mar 22 13:55:28 2011 UTC (13 years, 8 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +4 -4 lines
Updated documentation for Exim 4.75

Revision 1.15: download - view: text, markup, annotated - select for diffs
Thu Jan 27 07:48:52 2011 UTC (13 years, 10 months ago) by adam
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -4 lines
Changes 4.74:
* Failure to get a lock on a hints database can have serious
  consequences so log it to the panic log.
* Log LMTP confirmation messages in the same way as SMTP,
  controlled using the smtp_confirmation log selector.
* Include the error message when we fail to unlink a spool file.
* Bugzilla 139: Support dynamically loaded lookups as modules.
* Bugzilla 139: Documentation and portability issues.
  Avoid GNU Makefile-isms, let Exim continue to build on BSD.
  Handle per-OS dynamic-module compilation flags.
* Let /dev/null have normal permissions.
  The 4.73 fixes were a little too stringent and complained about the
  permissions on /dev/null.  Exempt it from some checks.
* Report version information for many libraries, including
  Exim version information for dynamically loaded libraries.  Created
  version.h, now support a version extension string for distributors
  who patch heavily. Dynamic module ABI change.
* CVE-2011-0017 - check return value of setuid/setgid. This is a
  privilege escalation vulnerability whereby the Exim run-time user
  can cause root to append content of the attacker's choosing to
  arbitrary files.
* Bugzilla 1041: merged DCC maintainer's fixes for return code.
* Bugzilla 1071: fix delivery logging with untrusted macros.
  If dropping privileges for untrusted macros, we disabled normal logging
  on the basis that it would fail; for the Exim run-time user, this is not
  the case, and it resulted in successful deliveries going unlogged.

Revision 1.13.2.1: download - view: text, markup, annotated - select for diffs
Sat Jan 22 10:59:17 2011 UTC (13 years, 10 months ago) by tron
Branches: pkgsrc-2010Q4
Diff to: previous 1.13: preferred, colored; next MAIN 1.14: preferred, colored
Changes since revision 1.13: +4 -4 lines
Pullup ticket #3329 - requested by gls
mail/exim-html: security update

Revisions pulled up:
- mail/exim-html/Makefile			1.19
- mail/exim-html/PLIST				1.12
- mail/exim-html/distinfo			1.14
---
Module Name:	pkgsrc
Committed By:	adam
Date:		Wed Jan 12 07:52:45 UTC 2011

Modified Files:
	pkgsrc/mail/exim: Makefile distinfo
	pkgsrc/mail/exim/patches: patch-aa
Added Files:
	pkgsrc/mail/exim/patches: patch-ba patch-bb patch-bc patch-bd

Log Message:
Changes 4.73:
* Date: & Message-Id: revert to normally being appended to a message,
  only prepend for the Resent-* case.  Fixes regression introduced in
  Exim 4.70 by NM/22 for Bugzilla 607.
* Include check_rfc2047_length in configure.default because we're seeing
  increasing numbers of administrators be bitten by this.
* Added DISABLE_DKIM and comment to src/EDITME
* Bugzilla 994: added openssl_options main configuration option.
* Bugzilla 995: provide better SSL diagnostics on failed reads.
* Bugzilla 834: provide a permit_coredump option for pipe transports.
* Adjust NTLM authentication to handle SASL Initial Response.
* If TLS negotiated an anonymous cipher, we could end up with SSL but
  without a peer certificate, leading to a segfault because of an
  assumption that peers always have certificates.  Be a little more
  paranoid.
* Bugzilla 926: switch ClamAV to use the new zINSTREAM API for content
  filtering; old API available if built with WITH_OLD_CLAMAV_STREAM=yes
  NB: ClamAV planning to remove STREAM in "middle of 2010".
  CL also introduces -bmalware, various -d+acl logging additions and
  more caution in buffer sizes.
* Implemented reverse_ip expansion operator.
* Bugzilla 937: provide a "debug" ACL control.
* Bugzilla 922: Documentation dusting, patch provided by John Horne.
* Bugzilla 973: Implement --version.
* Bugzilla 752: Refuse to build/run if Exim user is root/0.
* Build without WITH_CONTENT_SCAN. Patch from Andreas Metzler.
* Bugzilla 816: support multiple condition rules on Routers.
* Add bool_lax{} expansion operator and use that for combining multiple
  condition rules, instead of bool{}.  Make both bool{} and bool_lax{}
  ignore trailing whitespace.
* prevent non-panic DKIM error from being sent to paniclog
* added tcp_wrappers_daemon_name to allow host entries other than
  "exim" to be used
* Fix malware regression for cmdline scanner introduced in PP/08.
  Notification from Dr Andrew Aitchison.
* Change ClamAV response parsing to be more robust and to handle ClamAV's
  ExtendedDetectionInfo response format.
* OpenSSL 1.0.0a compatibility const-ness change, should be backwards
  compatible.

Revision 1.14: download - view: text, markup, annotated - select for diffs
Wed Jan 12 09:26:24 2011 UTC (13 years, 11 months ago) by adam
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -4 lines
Documentation updated for Exim 4.73.

Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon Nov 8 07:52:46 2010 UTC (14 years, 1 month ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2010Q4-base
Branch point for: pkgsrc-2010Q4
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +4 -4 lines
Updated documentation to Exim 4.72

Revision 1.12: download - view: text, markup, annotated - select for diffs
Mon Jan 14 18:57:40 2008 UTC (16 years, 11 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +4 -4 lines
Changes 4.69:
* Add preliminary DKIM support.
* Bugzilla 592: --help option is handled incorrectly if exim is invoked
  as mailq or other aliases.  Changed the --help handling significantly
  to do what's expected.  exim_usage() emits usage/help information.
* Added the -bylocaldomain option to eximstats.
* Bugzilla 619: Defended against bad data coming back from gethostbyaddr
* Bugzilla 613: Documentation fix for acl_not_smtp
* Bugzilla 628: PCRE update to 7.4 (work done by John Hall)

Revision 1.11: download - view: text, markup, annotated - select for diffs
Tue Oct 23 15:17:10 2007 UTC (17 years, 1 month ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -4 lines
Documentation updated to match exim 4.68

Revision 1.10: download - view: text, markup, annotated - select for diffs
Wed Sep 5 10:36:43 2007 UTC (17 years, 3 months ago) by rillig
Branches: MAIN
CVS tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +4 -4 lines
Updated the exim documentation to 4.67.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Tue May 17 17:06:12 2005 UTC (19 years, 6 months ago) by abs
Branches: MAIN
CVS tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1, pkgsrc-2005Q4-base, pkgsrc-2005Q4, pkgsrc-2005Q3-base, pkgsrc-2005Q3, pkgsrc-2005Q2-base, pkgsrc-2005Q2
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +4 -5 lines
Update exim from 4.44 to 4.51.
The main change is the incorporation of the content scanning from
the exiscan patch. (There are over 650 lines of Changes)
Retire exim-exiscan
Update exim-html from 4.40 to 4.50

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Feb 24 09:59:22 2005 UTC (19 years, 9 months ago) by agc
Branches: MAIN
CVS tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -1 lines
Add RMD160 digests.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Thu Oct 7 17:29:16 2004 UTC (20 years, 2 months ago) by abs
Branches: MAIN
CVS tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +3 -3 lines
Update exim to 4.43 from 4.42
Update exim-exiscan to 4.43_28 from 4.42_27
Update exim-html to 4.40 from 4.30

exim-exiscan:

28  - Added F-Secure support, thanks to Johan Thelmen <jth@home.se>.

    - Upgraded SRS support to libsrs_alt 0.5 via Miles
      Wilton's patch.

    - REMOVED exiscan-acl implementation of custom header
      placement in favor of Philip Hazel's native implementation.
      However, a new option was added for it to
      mimic the behaviour of the old header_pos_middle option.
      Read section 10 of exiscan-acl-spec.txt.

exim:
 1. Fixed a longstanding but relatively impotent bug: a long time ago, before
    PIPELINING, the function smtp_write_command() used to return TRUE or FALSE.
    Now it returns an integer. A number of calls were still expecting a T/F
    return. Fortuitously, in all cases, the tests worked in OK situations,
    which is the norm. However, things would have gone wrong on any write
    failures on the smtp file descriptor. This function is used when sending
    messages over SMTP and also when doing verify callouts.

 2. When Exim is called to do synchronous delivery of a locally submitted
    message (the -odf or -odi options), it no longer closes stderr before doing
    the delivery.

 3. Implemented the mua_wrapper option.

 4. Implemented mx_fail_domains and srv_fail_domains for the dnslookup router.

 5. Implemented the functions header_remove(), header_testname(),
    header_add_at_position(), and receive_remove_recipient(), and exported them
    to local_scan().

 6. If an ACL "warn" statement specified the addition of headers, Exim already
    inserted X-ACL-Warn: at the start if there was no header name. However, it
    was not making this test for the second and subsequent header lines if
    there were newlines in the string. This meant that an invalid header could
    be inserted if Exim was badly configured.

 7. Allow an ACL "warn" statement to add header lines at the start or after all
    the Received: headers, as well as at the end.

 8. Added the rcpt_4xx retry error code.

 9. Added postmaster_mailfrom=xxx to callout verification option.

10. Added mailfrom=xxxx to the callout verification option, for verify=
    header_sender only.

11. ${substr_1_:xxxx} and ${substr__3:xxxx} are now diagnosed as syntax errors
    (they previously behaved as ${substr_1_0:xxxx} and ${substr:_0_3:xxxx}).

12. Inserted some casts to stop certain compilers warning when using pointer
    differences as field lengths or precisions in printf-type calls (mostly
    affecting debugging statements).

13. Added optional readline() support for -be (dynamically loaded).

14. Obscure bug fix: if a message error (e.g. 4xx to MAIL) happened within the
    same clock tick as a message's arrival, so that its received time was the
    same as the "first fail" time on the retry record, and that message
    remained on the queue past the ultimate address timeout, every queue runner
    would try a delivery (because it was past the ultimate address timeout) but
    after another failure, the ultimate address timeout, which should have then
    bounced the address, did not kick in. This was a "< instead of <=" error;
    in most cases the first failure would have been in the next clock tick
    after the received time, and all would be well.

15. The special items beginning with @ in domain lists (e.g. @mx_any) were not
    being recognized when the domain list was tested by the match_domain
    condition in an expansion string.

16. Added the ${str2b64: operator.

17. Exim was always calling setrlimit() to set a large limit for the number of
    processes, without checking whether the existing limit was already
    adequate. (It did check for the limit on file descriptors.) Furthermore,


18. Imported PCRE 5.0.

19. Trivial typo in log message " temporarily refused connection" (the leading
    space).

20. If the log selector return_path_on_delivery was set and an address was
    redirected to /dev/null, the delivery process crashed because it assumed
    that a return path would always be set for a "successful" delivery. In this
    case, the whole delivery is bypassed as an optimization, and therefore no
    return path is set.

21. Internal re-arrangement: the function for sending a challenge and reading
    a response while authentication was assuming a zero-terminated challenge
    string. It's now changed to take a pointer and a length, to allow for
    binary data in such strings.

22. Added the cyrus_sasl authenticator (code supplied by MBM).

23. Exim was not respecting finduser_retries when seeking the login of the
    uid under which it was called; it was always trying 10 times. (The default
    setting of finduser_retries is zero.) Also, it was sleeping after the final
    failure, which is pointless.

24. Implemented tls_on_connect_ports.

25. Implemented acl_smtp_predata.

26. If the domain in control=submission is set empty, Exim assumes that the
    authenticated id is a complete email address when it generates From: or
    Sender: header lines.

27. Added "#define SOCKLEN_T int" to OS/os.h-SCO and OS/os.h-SCO_SV. Also added
    definitions to OS/Makefile-SCO and OS/Makefile-SCO_SV that put basename,
    chown and chgrp in /bin and hostname in /usr/bin.

28. Exim was keeping the "process log" file open after each use, just as it
    does for the main log. This opens the possibility of it remaining open for
    long periods when the USR1 signal hits a daemon. Occasional processlog
    errors were reported, that could have been caused by this. Anyway, it seems
    much more sensible not to leave this file open at all, so that is what now
    happens.

29. The long-running daemon process does not normally write to the log once it
    has entered its main loop, and it closes the log before doing so. This is
    so that log files can straightforwardly be renamed and moved. However,
    there are a couple of unusual error situations where the daemon does write
    log entries, and I had neglected to close the log afterwards.

30. The text of an SMTP error response that was received during a remote
    delivery was being truncated at 512 bytes. This is too short for some of
    the long messages that one sometimes sees. I've increased the limit to
    1024.

31. It is now possible to make retry rules that apply only when a message has a
    specific sender, in particular, an empty sender.

32. Added "control = enforce_sync" and "control = no_enforce_sync". This makes
    it possible to be selective about when SMTP synchronization is enforced.

33. Added "control = caseful_local_part" and "control = caselower_local_part".

32. Implemented hosts_connection_nolog.

33. Added an ACL for QUIT.

34. Setting "delay_warning=" to disable warnings was not working; it gave a
    syntax error.

35. Added mailbox_size and mailbox_filecount to appendfile.

36. Added control = no_multiline_responses to ACLs.

37. There was a bug in the logic of the code that waits for the clock to tick
    in the case where the clock went backwards by a substantial amount such
    that the microsecond fraction of "now" was more than the microsecond
    fraction of "then" (but the whole seconds number was less).

38. Added support for the libradius Radius client library that is found on
    FreeBSD (previously only the radiusclient library was supported).

Revision 1.5.4.1: download - view: text, markup, annotated - select for diffs
Sun May 30 09:04:23 2004 UTC (20 years, 6 months ago) by grant
Branches: pkgsrc-2004Q1
Diff to: previous 1.5: preferred, colored; next MAIN 1.6: preferred, colored
Changes since revision 1.5: +3 -3 lines
Pull up revision 1.6 (requested by abs in ticket #28):

Update exim-html to 4.30 (from 4.20)
  - Update to latest docs

Revision 1.6: download - view: text, markup, annotated - select for diffs
Fri May 7 17:47:32 2004 UTC (20 years, 7 months ago) by abs
Branches: MAIN
CVS tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3, pkgsrc-2004Q2-base, pkgsrc-2004Q2
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +3 -3 lines
Update exim3 to exim-3.36nb2
  - Fix buffer overflows listed at http://www.guninski.com/exim1.html

Update exim to exim-4.33nb1 (from 4.22nb5)
  - Fix buffer overflow listed at http://www.guninski.com/exim1.html
  - Leave nb1 to indicate we have a local change from stock 4.33
  - 1086 lines of changes - http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
  - Remove dependency on exim-user - now looks up EXIM_{USER,GROUP} at runtime

Update exim-exiscan to 4.33_20nb1 (from 4.22-12)
  - Fix buffer overflow listed at http://www.guninski.com/exim1.html
  - Leave nb1 to indicate we have a local change from stock 4.33_20
  - Same exim changes - http://www.exim.org/ftp/ChangeLogs/ChangeLog-4.33
  - Changes (http://duncanthrax.net/exiscan-acl/CHANGELOG) include
    - added option to use multiple spamd servers
    - many mime changes
    - Added Brightmail Antispam support
    - clamd fixes

Update exim-html to 4.30 (from 4.20)
  - Update to latest docs

Delete exim-user
  - No longer required - exim now looks up EXIM_{USER,GROUP} at runtime

Revision 1.5: download - view: text, markup, annotated - select for diffs
Tue Sep 2 12:16:19 2003 UTC (21 years, 3 months ago) by abs
Branches: MAIN
CVS tags: pkgsrc-2004Q1-base, pkgsrc-2003Q4-base, pkgsrc-2003Q4
Branch point for: pkgsrc-2004Q1
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +3 -3 lines
Update exim-html to 4.20 (latest copy of exim html docs)

Revision 1.4: download - view: text, markup, annotated - select for diffs
Mon Dec 9 11:40:49 2002 UTC (22 years ago) by ad
Branches: MAIN
CVS tags: netbsd-1-6-1-base, netbsd-1-6-1
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +3 -3 lines
Update to exim-html-4.10. Provided by dawszy at arhea.net in pkg/19231.

Revision 1.2.2.1: download - view: text, markup, annotated - select for diffs
Sun Jun 23 18:51:14 2002 UTC (22 years, 5 months ago) by jlam
Branches: buildlink2
Diff to: previous 1.2: preferred, colored; next MAIN 1.3: preferred, colored
Changes since revision 1.2: +3 -3 lines
Merge from pkgsrc-current to buildlink2 branch.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Wed Jun 19 16:10:51 2002 UTC (22 years, 5 months ago) by ad
Branches: MAIN
CVS tags: pkgviews-base, pkgviews, netbsd-1-6-RELEASE-base, netbsd-1-6, buildlink2-base
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +3 -3 lines
Update exim-html to 4.0, to match exim.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Wed Jul 11 13:23:08 2001 UTC (23 years, 5 months ago) by ad
Branches: MAIN
CVS tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -2 lines
Add RCS ID to patch.

Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Wed Jul 11 13:21:07 2001 UTC (23 years, 5 months ago) by ad
Branches: TNF
CVS tags: pkgsrc-base
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +0 -0 lines
HTML documentation for the exim MTA.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Wed Jul 11 13:21:07 2001 UTC (23 years, 5 months ago) by ad
Branches: MAIN
Initial revision
