Return to Makefile CVS log | Up to [cvs.NetBSD.org] / pkgsrc / mail / exim |
File: [cvs.NetBSD.org] / pkgsrc / mail / exim / Makefile (download)
Revision 1.131, Thu May 29 09:27:37 2014 UTC (9 years, 10 months ago) by adam
Changes 4.82.1: This is a SECURITY release, addressing a CRITICAL remote code execution flaw in Exim version 4.82 (only) when built with DMARC support (an experimental feature, not on by default). This release is identical to 4.82 except for the small change needed to plug the security hole. The next release of Exim will, eventually, be 4.83, which will include the many improvements we've made since 4.82, but which will require the normal release candidate baking process before release. You are not vulnerable unless you built Exim with EXPERIMENTAL_DMARC. This issue is known by the CVE ID of CVE-2014-2957, was reported directly to the Exim development team by a company which uses Exim for its mail server. An Exim developer constructed a small patch which altered the way the contents of the From header is parsed by converting it to use safer and better internal functions. It was applied and tested on a production server for correctness. We were notified of the vulnerability Friday night, created a patch on Saturday, applied and tested it on Sunday, notified OS packagers on Monday/Tuesday, and are releasing on the next available work day, which is Wednesday. This is why we have made the smallest feasible changes to prevent exploit: we want this chagne to be as safe as possible to expedite into production (if the packages were built with DMARC). |
# $NetBSD: Makefile,v 1.131 2014/05/29 09:27:37 adam Exp $ DISTNAME= exim-4.82.1 CATEGORIES= mail net MASTER_SITES= ftp://ftp.exim.org/pub/exim/exim4/ \ http://dl.ambiweb.de/mirrors/ftp.exim.org/exim/exim4/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= abs@NetBSD.org HOMEPAGE= http://www.exim.org/ COMMENT= The Exim mail transfer agent, a replacement for sendmail LICENSE= gnu-gpl-v2 CONFLICTS+= exim-exiscan-[0-9]* USE_TOOLS+= perl:run BUILD_DEFS+= VARBASE MAKE_ENV+= SSLBASE=${SSLBASE:Q} MAKE_ENV+= INST_CHOWN=${CHOWN:Q} MAKE_FLAGS+= FULLECHO='' MAKE_JOBS_SAFE= no .include "../../mk/bsd.prefs.mk" BUILD_DEFS+= EXIM_DB EXIM_MAX_INCLUDE_SIZE PKG_GROUPS= ${EXIM_GROUP} PKG_USERS= ${EXIM_USER}:${EXIM_GROUP} PKG_GROUPS_VARS+= EXIM_GROUP PKG_USERS_VARS+= EXIM_USER PKG_GECOS.${EXIM_USER}= Exim mail server user PKG_HOME.${EXIM_USER}= ${VARBASE}/mail PKG_SHELL.${EXIM_USER}= ${NOLOGIN} FILES_SUBST+= EXIM_GROUP=${EXIM_GROUP:Q} FILES_SUBST+= EXIM_USER=${EXIM_USER:Q} PKG_SYSCONFSUBDIR= exim EXAMPLESDIR= ${PREFIX}/share/examples/exim CONF_FILES= ${EXAMPLESDIR}/aliases ${PKG_SYSCONFDIR}/aliases CONF_FILES+= ${EXAMPLESDIR}/configure ${PKG_SYSCONFDIR}/configure MESSAGE_SUBST+= EXAMPLESDIR="${EXAMPLESDIR}" PLIST_SUBST+= DISTNAME=${DISTNAME} RCD_SCRIPTS= exim OWN_DIRS_PERMS= ${VARBASE}/log/exim ${EXIM_USER} ${EXIM_GROUP} 0750 OWN_DIRS_PERMS+= ${VARBASE}/spool/exim ${EXIM_USER} ${EXIM_GROUP} 0750 SPECIAL_PERMS+= sbin/${PKGSRC_EXIM_VERSION} ${SETUID_ROOT_PERMS} # pay attention to CPPFLAGS as well CFLAGS+= ${CPPFLAGS} PKGSRC_EXIM_VERSION= ${DISTNAME}-1 SUBST_CLASSES+= exim SUBST_STAGE.exim= pre-configure SUBST_MESSAGE.exim= Faking exim version information in exim_install SUBST_FILES.exim= scripts/exim_install SUBST_VARS.exim= PKGSRC_EXIM_VERSION SUBST_CLASSES+= cflags SUBST_STAGE.cflags= post-patch SUBST_MESSAGE.cflags= Removing hard-coded CFLAGS SUBST_FILES.cflags= OS/Makefile-* SUBST_SED.cflags= -e 's,^CFLAGS=.*,,' INSTALL_ARG= INSTALL_ARG=-no_chown INSTALL_ENV+= ${INSTALL_ARG:Q} .include "options.mk" post-extract: mkdir ${WRKSRC}/Local cp ${WRKSRC}/src/EDITME ${WRKSRC}/Local/Makefile.pkgsrc cp ${WRKSRC}/exim_monitor/EDITME ${WRKSRC}/Local/eximon.conf.pkgsrc cp ${FILESDIR}/Makefile-DragonFly ${FILESDIR}/os.h-DragonFly \ ${WRKSRC}/OS/ pre-configure: sed -e 's:@PREFIX@:${PREFIX}:' \ -e 's:@PKG_SYSCONFDIR@:${PKG_SYSCONFDIR}:' \ -e 's:@EXIM_USER@:${EXIM_USER}:' \ -e 's:@EXIM_GROUP@:${EXIM_GROUP}:' \ -e 's:@EXIM_USE_DB_CONFIG@:${EXIM_USE_DB_CONFIG}:' \ -e 's:@EXIM_DBMLIB@:${EXIM_DBMLIB}:' \ -e 's:@EXIM_INCLUDE@:${EXIM_INCLUDE}:' \ -e 's:@LOOKUP_LIBS@:${LOOKUP_LIBS}:' \ -e 's:@CHOWN@:${CHOWN}:' \ -e 's:@CHGRP@:${CHGRP}:' \ -e 's:@CHMOD@:${CHMOD}:' \ -e 's:@MV@:${MV}:' \ -e 's:@RM@:${RM}:' \ -e 's:@TOUCH@:${TOUCH}:' \ -e 's:@PERL5@:${PERL5}:' \ -e 's:@VARBASE@:${VARBASE}:' \ < ${WRKSRC}/Local/Makefile.pkgsrc \ > ${WRKSRC}/Local/Makefile .for opt in ${LOCAL_MAKEFILE_OPTIONS} ${ECHO} ${opt} >> ${WRKSRC}/Local/Makefile .endfor .if !empty(EXIM_MAX_INCLUDE_SIZE) ${ECHO} MAX_INCLUDE_SIZE=${EXIM_MAX_INCLUDE_SIZE} >> ${WRKSRC}/Local/Makefile .endif sed -e 's:@PREFIX@:${PREFIX}:' \ -e 's:@PKG_SYSCONFDIR@:${PKG_SYSCONFDIR}:' \ < ${WRKSRC}/Local/eximon.conf.pkgsrc \ > ${WRKSRC}/Local/eximon.conf post-build: sed -e 's:@PREFIX@:${PREFIX}:' \ ${FILESDIR}/mailer.conf.exim \ > ${WRKDIR}/mailer.conf INSTALLATION_DIRS = ${PKGMANDIR}/man8 sbin share/examples/exim share/doc/exim post-install: ${INSTALL_DATA} ${WRKDIR}/mailer.conf ${DESTDIR}${EXAMPLESDIR} ${INSTALL_DATA} ${WRKSRC}/doc/exim.8 \ ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8/exim.8 ${INSTALL_DATA} ${WRKSRC}/doc/spec.txt \ ${DESTDIR}${PREFIX}/share/doc/exim .include "../../converters/libiconv/buildlink3.mk" .include "../../devel/pcre/buildlink3.mk" .include "../../mk/bsd.pkg.mk"