commit cb985af72f8c2d0d83c554355bcbbd7fbf30587f Author: Juergen Daubert <jue@jue.li> Date: Wed Nov 29 18:55:33 2017 +0100 [notify] exim: security update to 4.89.1 see - https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html - https://lists.exim.org/lurker/message/20171128.215505.79ea8efa.en.html diff --git a/exim/.md5sum b/exim/.md5sum index 95a5dad1..f851e6a5 100644 --- a/exim/.md5sum +++ b/exim/.md5sum @@ -1,3 +1,3 @@ 2e73c992dc8491a33f225efbe4da9e32 exim -b569ec80c495dffc54545895e680ed61 exim-4.89.tar.xz -f1f6867cb984a61f85d42fdb4fa83677 exim-config.patch +e5d48403fc93cd1ff2d3124c15af6018 exim-4.89.1.tar.xz +fd5b5983a6b8ad29f0fd8ba10603d569 exim-config.patch diff --git a/exim/.signature b/exim/.signature index 3e35690c..398aeb20 100644 --- a/exim/.signature +++ b/exim/.signature @@ -1,7 +1,7 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqvgtMpIIkQJAlRLxq99KSRe3jxGq33jKSAylw8mu0sa1Ue0RHe6RWaRENao5Nce8qi5/D5AjLSVlYzSNvqpTbwM= -SHA256 (Pkgfile) = 798f9c95d2b1f1cb8b9b59f614cc2d0fc71687eeb7ffb13f75f6a73ad2367dd2 +RWRJc1FUaeVeqvsQjjQ0cffFQnFydrXZvBGsYcrcsnjKvkGE3KxB11Zplg4rSstyAmUJR4P5s/wRi9JxDeajqFlF42F4t3dONQk= +SHA256 (Pkgfile) = cfe7104f805a776b11b34d2fd4204bfd6195b65b3193fe4faefd9ee1f4949a5e SHA256 (.footprint) = 3e5fe8471a7a9057c0c7486c016ea2ed1dc5ebd72adc13c23f432ef468d2fc5d -SHA256 (exim-4.89.tar.xz) = 0c490a1ca97bbb22d6079d2896de19af48ac3af109ea5f307dbc6b49c66e9626 +SHA256 (exim-4.89.1.tar.xz) = 1a21322a10e2da9c0bd6a2a483b6e7ef8fa7f16efcab4c450fd73e7188f5fa94 SHA256 (exim) = 850f72cb4d069dc8d15ce138623e6b6a7fe33f5daebe37fbf93c7801fa2d6134 -SHA256 (exim-config.patch) = eef009451af3e97d8089f97db0e1a008157aaaea346703da412158443012614b +SHA256 (exim-config.patch) = 27109eceb9b5adb9a8eb870a3213f0c237b3bb2fdc47a554215ac769932cd8c8 diff --git a/exim/Pkgfile b/exim/Pkgfile index 8e56dbb3..3d73fa41 100644 --- a/exim/Pkgfile +++ b/exim/Pkgfile @@ -4,8 +4,8 @@ # Depends on: db openssl libpcre name=exim -version=4.89 -release=2 +version=4.89.1 +release=1 source=(ftp://ftp.exim.org/pub/exim/exim4/$name-$version.tar.xz \ $name $name-config.patch) @@ -18,7 +18,7 @@ build() { make -j1 make DESTDIR=$PKG install - mv $PKG/usr/sbin/{$name-$version-?,$name} + mv $PKG/usr/sbin/{$(readlink $PKG/usr/sbin/$name),$name} install -D -m 755 $SRC/exim $PKG/etc/rc.d/exim install -D -m 644 doc/exim.8 $PKG/usr/share/man/man8/exim.8 @@ -37,7 +37,4 @@ build() { touch $PKG/etc/ssl/certs/exim.crt touch $PKG/etc/ssl/keys/exim.key chmod 0600 $PKG/etc/ssl/{keys/exim.key,certs/exim.crt} - - # https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html - sed -e '44i\\nchunking_advertise_hosts =' -i $PKG/etc/exim/exim.conf } diff --git a/exim/exim-config.patch b/exim/exim-config.patch index 2de98223..5c374d6e 100644 --- a/exim/exim-config.patch +++ b/exim/exim-config.patch @@ -1,6 +1,6 @@ -diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME ---- exim-4.89.orig/src/EDITME 2017-03-08 11:08:51.225985193 +0100 -+++ exim-4.89/src/EDITME 2017-03-08 11:12:46.989840413 +0100 +diff -Nru exim-4.89.1.orig/src/EDITME exim-4.89.1/src/EDITME +--- exim-4.89.1.orig/src/EDITME 2017-11-29 18:23:53.623089271 +0100 ++++ exim-4.89.1/src/EDITME 2017-11-29 18:24:18.092218489 +0100 @@ -72,7 +72,7 @@ # this would be wanted. ############################################################################### @@ -57,7 +57,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # LOOKUP_IBASE=yes # LOOKUP_LDAP=yes # LOOKUP_MYSQL=yes -@@ -380,7 +380,7 @@ +@@ -381,7 +381,7 @@ # files are defaulted in the OS/Makefile-Default file, but can be overridden in # local OS-specific make files. @@ -66,7 +66,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME #------------------------------------------------------------------------------ -@@ -622,7 +622,7 @@ +@@ -623,7 +623,7 @@ # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -75,7 +75,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # AUTH_CYRUS_SASL=yes # AUTH_DOVECOT=yes # AUTH_GSASL=yes -@@ -630,7 +630,7 @@ +@@ -631,7 +631,7 @@ # AUTH_HEIMDAL_GSSAPI=yes # AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi # AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi heimdal-krb5 @@ -84,7 +84,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # AUTH_SPA=yes # AUTH_TLS=yes -@@ -745,10 +745,10 @@ +@@ -746,10 +746,10 @@ # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -97,7 +97,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # TLS_LIBS=-lssl -lcrypto # Uncomment the first and either the second or the third of these if you -@@ -831,7 +831,7 @@ +@@ -832,7 +832,7 @@ # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -106,7 +106,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -880,7 +880,7 @@ +@@ -881,7 +881,7 @@ # files. Both the name of the command and the suffix that it adds to files # need to be defined here. See also the EXICYCLOG_MAX configuration. @@ -115,7 +115,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME COMPRESS_SUFFIX=gz -@@ -895,7 +895,7 @@ +@@ -896,7 +896,7 @@ # ZCAT_COMMAND=zcat # # Or specify the full pathname: @@ -124,7 +124,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME #------------------------------------------------------------------------------ # Compiling in support for embedded Perl: If you want to be able to -@@ -1036,7 +1036,7 @@ +@@ -1037,7 +1037,7 @@ # # USE_TCP_WRAPPERS=yes # CFLAGS=-O -I/usr/local/include @@ -133,7 +133,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1069,7 +1069,7 @@ +@@ -1070,7 +1070,7 @@ # aliases). The following setting can be changed to specify a different # location for the system alias file. @@ -142,7 +142,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME #------------------------------------------------------------------------------ -@@ -1098,7 +1098,7 @@ +@@ -1099,7 +1099,7 @@ #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -151,7 +151,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1119,13 +1119,13 @@ +@@ -1120,13 +1120,13 @@ # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -172,7 +172,7 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME #------------------------------------------------------------------------------ -@@ -1327,7 +1327,7 @@ +@@ -1328,7 +1328,7 @@ # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: @@ -181,9 +181,9 @@ diff -Nru exim-4.89.orig/src/EDITME exim-4.89/src/EDITME # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory # using the name "exim-daemon.pid". -diff -Nru exim-4.89.orig/src/configure.default exim-4.89/src/configure.default ---- exim-4.89.orig/src/configure.default 2017-03-08 11:08:51.229318534 +0100 -+++ exim-4.89/src/configure.default 2017-03-08 11:09:06.722686163 +0100 +diff -Nru exim-4.89.1.orig/src/configure.default exim-4.89.1/src/configure.default +--- exim-4.89.1.orig/src/configure.default 2017-11-29 18:23:53.623089271 +0100 ++++ exim-4.89.1/src/configure.default 2017-11-29 18:24:18.092218489 +0100 @@ -55,7 +55,7 @@ # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They # are all colon-separated lists: