1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-21 04:06:46 +00:00
freebsd-ports/mail/exim
Eygene Ryabinkin b6afedf1c5 mail/exim: upgrade to 4.76
4.76 is the security release that fixes CVE-2011-1764, format string
attack and information leak, both inside the DKIM code.

List of changes (ftp://exim.inode.at/exim/ChangeLogs/ChangeLog-4.76):

PP/01 The new ldap_require_cert option would segfault if used.  Fixed.

PP/02 Harmonised TLS library version reporting; only show if
      debugging.  Layout now matches that introduced for other
      libraries in 4.74 PP/03.

PP/03 New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1

PP/04 New "dns_use_edns0" global option.

PP/05 Don't segfault on misconfiguration of ref:name exim-user as uid.
      Bugzilla 1098.

PP/06 Extra paranoia around buffer usage at the STARTTLS transition.
      nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316

TK/01 Updated PolarSSL code to 0.14.2.
      Bugzilla 1097. Patch from Andreas Metzler.

PP/07 Catch divide-by-zero in ${eval:...}.
      Fixes bugzilla 1102.

PP/08 Condition negation of bool{}/bool_lax{} did not negate.  Fixed.
      Bugzilla 1104.

TK/02 Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a
      format-string attack -- SECURITY: remote arbitrary code execution.

TK/03 SECURITY - DKIM signature header parsing was double-expanded,
      second time unintentionally subject to list matching rules,
      letting the header cause arbitrary Exim lookups (of items which can
      occur in lists, *not* arbitrary string expansion). This allowed for
      information disclosure.

PP/09 Fix another SIGFPE (x86) in ${eval:...} expansion, this time related
      to INT_MIN/-1 -- value coerced to INT_MAX.

New stuff (ftp://exim.inode.at/exim/ChangeLogs/NewStuff-4.76):

 1. The global option "dns_use_edns0" may be set to coerce EDNS0 usage
    on or off in the resolver library.

And I am also adding patch for exiqgrep that was taken from
  http://bugs.exim.org/show_bug.cgi?id=1103 [1].

PR: ports/156903 [2], ports/156872 [3]
Reported-by: Oliver Brandmueller <ob@e-gitt.net> [1], admin@anes.su [2], Alexander Wittig <alexander@wittig.name> [3]
Approved-by: erwin (mentor)
Feature-safe: yes
2011-05-11 11:30:17 +00:00
..
files mail/exim: upgrade to 4.76 2011-05-11 11:30:17 +00:00
distinfo mail/exim: upgrade to 4.76 2011-05-11 11:30:17 +00:00
Makefile mail/exim: upgrade to 4.76 2011-05-11 11:30:17 +00:00
Makefile.options
options
pkg-descr
pkg-install
pkg-message
pkg-plist