| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
| |
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
|
| |\
| |
| | |
mblaze: new package
|
| | |
| |
| |
| | |
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* use username/group 'exim' instead of mail
* register configuration file
* make sure /usr/lib/exim/lookups exists
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |/
|
|
|
|
|
|
| |
Ship default configuration /etc/exim/exim.conf as well as
a simple procd init script. Enable building with LMTP for better
integration with dovecot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
| |
Missing header.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Several exploitable vulnerabilities in Exim were reported to us and are
fixed.
Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary PID file creation
- CVE-2020-28011: Heap buffer overflow in queue_run()
- CVE-2020-28010: Heap out-of-bounds write in main()
- CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
- CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
- CVE-2020-28015: New-line injection into spool header file (local)
- CVE-2020-28012: Missing close-on-exec flag for privileged pipe
- CVE-2020-28009: Integer overflow in get_stdinput()
Remote vulnerabilities
- CVE-2020-28017: Integer overflow in receive_add_recipient()
- CVE-2020-28020: Integer overflow in receive_msg()
- CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
- CVE-2020-28021: New-line injection into spool header file (remote)
- CVE-2020-28022: Heap out-of-bounds read and write in extract_option()
- CVE-2020-28026: Line truncation and injection in spool_read_header()
- CVE-2020-28019: Failure to reset function pointer after BDAT error
- CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
- CVE-2020-28018: Use-after-free in tls-openssl.c
- CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
The update to 4.94.2 also integrates a fix for a printf format issue
previously addressed by a local patch which is removed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
| |
Use configure --with-mailpath=/var/mail instead of letting it guess the
value base on the host path. If configure can't find it, the package
will fail to build. The path was taken from the current bot build.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
Remove upstreamed patch.
Switch to AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
ChangeLog:
- IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script
name argument.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
| |
Switch to AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fixed and refreshed patches.
Switched to AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Release notes for 1.8.1.3:
https://marlam.de/msmtp/news/msmtp-1-8-13/
Release notes for 1.8.1.4:
https://marlam.de/msmtp/news/msmtp-1-8-13/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
| |
CentOS 7 has an old GCC that does not default to c11.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add Exim MTA variants:
* exim
plain variant without any TLS library which hence comes
without TLS, DANE and DKIM.
* exim-openssl
linked against libopenssl
* exim-gnutls
linked against libgnutls
* exim-ldap
linked against libopenssl, libopenldap and libsasl2
Provide packages for lookup modules
* cdb
* dbmdb
* dnsdb
* json (depends on jansson)
* mysql (depends on libmariadb)
* passwd
* pgsql (depends on libpq)
* redis (depends on libhiredis)
* sqlite (depends on libsqlite3)
Note:
As gnutls requires libunbound which depends on libopenssl to provide
libgnutls-dane, disable DANE by default when building with gnutls.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |\
| |
| | |
postfix: update to 3.5.8
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pass TARGET_[C/LD]FLAGS to reduce filesize.
Fix glibc compilation by adding lresolv.
Remove uClibc-ng patch as that's now gone.
Refreshed other patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |/
|
|
|
|
| |
Add libbsd dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Add BROKEN to nossl. Upstream broke it by requiring OpenSSL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
|
|
| |
Fix compilation with GCC10.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Phil Eichinger <phil@zankapfel.net>
|
| |
|
|
|
|
|
|
|
|
| |
Refreshed patches and removed upstreamed ones.
Switched main URL and removed others. None of them have the proper
file. The first actually has a bad one. The changed URL is from the
official website.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes an error in the previous package when building against recent
OpenWrt releases:
In file included from /builder/shared-workdir/build/sdk/staging_dir/target-x86_64_musl/usr/include/dovecot/lib.h:50,
from ext-variables-common.c:4:
ext-variables-common.c: In function 'ext_variables_load':
ext-variables-common.c:91:14: error: expected ')' before 'PRIuSIZE_T'
"(>= %"PRIuSIZE_T" bytes)",
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
|
|
|
|
|
| |
Fixes:
CVE-2020-12100
CVE-2020-12673
CVE-2020-12674
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
|
|
|
|
| |
Judging from https://salsa.debian.org/clamav-team/clamsmtp/-/tags ,
it seems that this was last updated 11 years ago. The domain is also
gone.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |\
| |
| | |
sendmail: fix compilation without sys/cdefs
|
| | |
| |
| |
| |
| |
| | |
sys/cdefs is deprecated. It's also not included with musl.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |\ \
| | |
| | | |
alpine: fix compilation without sys/cdefs
|
| | |/
| |
| |
| | |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |/
|
|
|
|
| |
It seems this is completely unused.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2020-14154
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
| |
* remove orphaned ssmtp package
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes:
CVE-2020-10957
CVE-2020-10958
CVE-2020-10967
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
The package Makefile contains a PKG_BUILD_DEPENDS=libiconv
line, which apart from being incorrect if libiconv-full is
specified in the build configuration, is also unnecessary,
since the package Makefile already includes nls.mk which
sets PKG_BUILD_DEPENDS appropriately.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This version of mailman will cease to function once Python 2 is removed
from the feed. There does not appear to be any interest in updating this
package to a current version that uses Python 3.
This package will be added to the abandoned packages feed.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|