aboutsummaryrefslogtreecommitdiff
path: root/mail/exim
Commit message (Collapse)AuthorAge
* exim: update to version 4.95Daniel Golle2021-10-09
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* exim: some clean upsDaniel Golle2021-08-13
| | | | | | | | * use username/group 'exim' instead of mail * register configuration file * make sure /usr/lib/exim/lookups exists Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* exim: add default config and init script, enable lmtpDaniel Golle2021-08-12
| | | | | | | | Ship default configuration /etc/exim/exim.conf as well as a simple procd init script. Enable building with LMTP for better integration with dovecot. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* exim: update to version 4.94.2Daniel Golle2021-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several exploitable vulnerabilities in Exim were reported to us and are fixed. Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap buffer overflow in queue_run() - CVE-2020-28010: Heap out-of-bounds write in main() - CVE-2020-28013: Heap buffer overflow in parse_fix_phrase() - CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase() - CVE-2020-28015: New-line injection into spool header file (local) - CVE-2020-28012: Missing close-on-exec flag for privileged pipe - CVE-2020-28009: Integer overflow in get_stdinput() Remote vulnerabilities - CVE-2020-28017: Integer overflow in receive_add_recipient() - CVE-2020-28020: Integer overflow in receive_msg() - CVE-2020-28023: Out-of-bounds read in smtp_setup_msg() - CVE-2020-28021: New-line injection into spool header file (remote) - CVE-2020-28022: Heap out-of-bounds read and write in extract_option() - CVE-2020-28026: Line truncation and injection in spool_read_header() - CVE-2020-28019: Failure to reset function pointer after BDAT error - CVE-2020-28024: Heap buffer underflow in smtp_ungetc() - CVE-2020-28018: Use-after-free in tls-openssl.c - CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() The update to 4.94.2 also integrates a fix for a printf format issue previously addressed by a local patch which is removed. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* exim: fix compilation without deprecated OpenSSL APIsRosen Penev2021-03-26
| | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* exim: fix compilation with CentOS 7Rosen Penev2021-01-11
| | | | | | CentOS 7 has an old GCC that does not default to c11. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* exim: add packageDaniel Golle2021-01-03
Add Exim MTA variants: * exim plain variant without any TLS library which hence comes without TLS, DANE and DKIM. * exim-openssl linked against libopenssl * exim-gnutls linked against libgnutls * exim-ldap linked against libopenssl, libopenldap and libsasl2 Provide packages for lookup modules * cdb * dbmdb * dnsdb * json (depends on jansson) * mysql (depends on libmariadb) * passwd * pgsql (depends on libpq) * redis (depends on libhiredis) * sqlite (depends on libsqlite3) Note: As gnutls requires libunbound which depends on libopenssl to provide libgnutls-dane, disable DANE by default when building with gnutls. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Powered by cgit, Themed by Ted Yin.