Commit Graph

70 Commits

Author SHA1 Message Date
naddy
63347c3c80 SECURITY:
CAN-2005-2491, http://securitytracker.com/id?1014744
A remote or local user may be able to supply a specially crafted
regular expression to trigger a heap integer overflow in PCRE.

ok pvalchev@
2005-08-27 15:57:31 +00:00
jolan
63948522eb remove peter galbavy as maintainer per his request 2005-07-06 23:18:09 +00:00
alek
644f32ce81 Oh my^W^WMore no longer needed WWW:... lines 2005-03-25 15:13:59 +00:00
sturm
5ef19df409 this should be it
btw: the port's maintainer agrees with this update
2005-01-26 19:38:52 +00:00
sturm
210c026731 ... 2005-01-26 19:37:22 +00:00
sturm
2ca4ad7fb3 SECURITY update to exim 4.44
This fixes lots of bugs and at least the security issues noticed in
CAN-2005-0021 and CAN-2005-0022.

based on a diff from "Andrey N. Oktyabrski" <ano at antora.ru>
2005-01-26 19:33:20 +00:00
naddy
a8817eabcc SIZE 2005-01-05 16:50:35 +00:00
alek
200b1ea2ea Add WANTLIB markers 2005-01-02 12:56:04 +00:00
alek
1ed5d284bd @newuser won't create homedir so we have to create it with @sample
ok pvalchev
2004-11-19 07:38:45 +00:00
alek
67cafd548b - Remove INSTALL script
- Use @sample to install configuration files
- @new(user|group) to create _exim user/group
- Add MESSAGE with tips&tricks from INSTALL
- Bump PKGNAME

MAINTAINERs timeout

ok strum@
2004-11-18 23:26:41 +00:00
sturm
d7d2340d59 /etc -> SYSCONFDIR
ok maintainer Peter Galbavy <peter.galbavy at knowtion.net>
2004-10-10 10:29:53 +00:00
espie
15a2aca1cd new style plists. 2004-09-15 09:09:41 +00:00
xsa
569ca0e221 new-style MODULES. 2004-08-10 09:14:47 +00:00
naddy
d73ee953d2 obviously nobody ever tested the previous update 2004-07-29 22:15:15 +00:00
peter
312522ffa2 Forgot to update patch for new version (was originally written with 4.40
in mind). Thanks Gerard Gerritsen for noticing.
2004-07-27 06:54:48 +00:00
peter
1536f84b31 Update to exim 4.41.
This is a major update and configuration files are not compatible.
A conversion script is included and installed in

        ${PREFIX}/share/examples/exim4/convert4r4

New co-maintainer and much of the inital work done by Ilya Voronin.

A decision was made to include the semi-official exiscan patch in
the default installation, as most admins appear to use this. It is
hoped that is will become part of the core exim4 code "soon".

This port now creates an _exim user and group if they don't already
exist.

Work and testing by Ilya Voronin, Richard Welty, Axel Rau and others
who I can't now find in my mailbox. Apologies if I left you out.
2004-07-26 10:56:01 +00:00
peter
05a5c92e7b Update to use new postgresql-client dependency 2004-07-26 10:14:27 +00:00
peter
1f0e083160 back out my misunderstanding. 2004-07-17 11:19:50 +00:00
peter
9702640403 allow the pgsql flavour to install with the postgresql-clients subpackage 2004-07-15 19:32:45 +00:00
brad
6f94cf27a3 simplify, use MAKE_FLAGS 2004-05-10 08:42:42 +00:00
brad
efb683c74c Fix 2 buffer overflows in exim discovered by Georgi Guninski
Not exploitable in default install

http://www.guninski.com/exim1.html

ok MAINTAINER
2004-05-10 07:42:32 +00:00
xsa
477f4ba7c2 should I say this is more @extra support? 2004-04-14 14:24:34 +00:00
brad
95f189387f - remove useless LIBS variable
- fix a typo
- better LIB_DEPENDS entry for MySQL
2004-01-02 05:03:33 +00:00
naddy
2276d3b230 remove WWW lines 2003-12-15 21:42:08 +00:00
brad
8bf6894c96 Fix a remote heap overflow in exim, though it's probably not exploitable.
http://www.exim.org/pipermail/exim-announce/2003q3/000094.html

ok pvalchev@
2003-09-03 17:21:05 +00:00
sturm
58ca9acb21 new user naming schema
bump PKGNAME where necessary

rohee@ ok leafnode
"you don't have to wait for oks" pval@
2003-06-23 19:11:10 +00:00
brad
0af266880e Fix a format string bug. The vulnerability can only be exploited by the
"admin user" of exim. Thus the risk of this vulnerability is low.

http://online.securityfocus.com/archive/1/302101/2002-2/2002-12-08/0
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20021202/046978.html
--
From: MAINTAINER with heads up from me
2002-12-07 16:34:57 +00:00
naddy
78e6e6c509 Update to 3.36; from Peter Galbavy <peter.galbavy@knowtion.net>. 2002-11-21 00:15:10 +00:00
naddy
26e34fa97b No regression tests available. 2002-10-27 17:21:39 +00:00
peter
fd8ab7bae8 From the ChangeLog:
Version 3.34
------------
1. Exim was failing to diagnose a lone \ at the end of an expansion string as
an error (basically a typo in the code).

2. If logging was only to syslog, and Exim was trying to panic-die, it crashed
instead of dying cleanly.

3. If an address was routed using a DNS lookup that found no MX records, but
one or more A records, and fallback hosts were specified on the transport, the
fallback hosts were ignored.

4. $message_body_size was set incorrectly (to zero) during filter testing.

5. Ensure the configuration file is closed before running the -bi command.

6. Reap all complete processes within the loop for accepting -bs or -bS
messages, because it seems that not all OS do this automatically when SIGCHLD
is set to SIG_IGN.

7. Reset SIGHUP to SIG_IGN before restarting a daemon, in case another SIGHUP
arrives very quickly and kills the newly started Exim before it has a chance to
get going.

8. After "452 space shortage", was not unsetting the sender address. Could lead
to strange effects when the client was pipelining.

9. There was no check that getpeername() was giving a socket address when
called on stdin passed from a previous delivery.

10. If a local part beginning with a pipe symbol was directed to a pipe
transport, the transport got confused as to which command it should run.
This could be a security exposure if unchecked local parts are directed
or routed to pipe transports.
2001-12-29 12:55:08 +00:00
naddy
4c9e6b9f16 - update MASTER_SITES to new location
- better COMMENT

From Sebastian Stark <seb@todesplanet.de>.
2001-12-03 15:06:30 +00:00
naddy
0739b03753 add lib/mysql path to library dependencies 2001-11-17 00:12:23 +00:00
espie
fe10e4b76b Complete lib dependencies 2001-10-24 12:22:45 +00:00
jakob
217a4b60ed depend on openldap-client 2001-09-28 19:06:29 +00:00
peter
75fdb59de3 change my official e-mail address 2001-09-07 22:23:46 +00:00
peter
1bdb729923 update to maintenance release 3.33 - see CHANGES file for what has
been fixed. There are no new features in this release.
2001-09-07 22:15:50 +00:00
peter
00f46eae44 update to exim 3.30
This does not yet include the IPv6 / IPv4 OpenBSD patch discussed on
various lists.
2001-07-25 08:18:48 +00:00
brad
6de20d30a3 update dependency entries for MySQL. 2001-06-03 05:32:16 +00:00
peter
29d991f46c minor type in an example 2001-04-22 09:03:40 +00:00
peter
1ca6a94b2a bump NEED_VERSION
integrate COMMENT
change postgresql dependencies to new paths and names

ok espie@
2001-04-21 18:54:11 +00:00
brad
b676d035fb remove major rev for mysqlclient dependency entry. 2001-03-07 19:05:33 +00:00
brad
45daf36498 openldap, mysql and postgresql make shared libraries, dont cause great
pain with incorrect dependencies.
2001-02-28 15:13:19 +00:00
peter
d7a69171e2 Update to exim 3.22.
Quite a few bug fixes and a small number of new features are
documented in doc/ChangeLog in the exim source tree.
2001-02-23 11:30:02 +00:00
danh
60765ca232 - update postgresql dependency based on 7.0.3 layout.
- /usr/local -> ${LOCALBASE}
- ${PREFIX} -> ${LOCALBASE}
2001-02-22 20:03:43 +00:00
peter
e89621d1b3 Add common flavors to Makefile and document flavors (as per last commit)
in DESCR file. Thanks to Marc for prompting.
2000-12-08 12:01:07 +00:00
peter
5ea3176f9c stupid CVS missed this again - but I expected it this time. 2000-12-07 15:27:33 +00:00
peter
36ff9ee78a Update exim to version 3.20
See ChangeLog and documentation for a full list of bugs fixes and
new features. Release highlights include the addition of STARTTLS
extensions to SMTP and callback SMTP checks to verify sender addresses
on lightly loaded mail servers - prevent spam from made-up addresses.

This port includes the following flavors:

no_x11	- do not build eximon which requires X11
no_perl	- do not include perl support
no_tls	- do not include SSL/TLS support
mysql	- support mysql queries for lookups
pgsql	- support pgsql queries for lookups
ldap	- support ldap (OpenLDAP) queries for lookups

All these queries are independent.

Maintainer has been temporarily chaged to me for feedback, until
Sebastian is back and available to support the port.

Testing has been limited to i386.
2000-12-07 15:27:10 +00:00
espie
7987406fd0 MAINTAINER address 2000-10-27 12:56:09 +00:00
brad
39f4ba63e7 remove SYSCONFDIR from SUBST_VARS and SUBST_VARS too if no other variables
are listed
2000-09-06 05:48:47 +00:00
naddy
de4154f558 - update to 3.16; submitted by seb@gosh.todesplanet.de
- move config file handling to (DE)INSTALL; requested by brad@
- switch maintainer; offered by Peter
2000-08-12 23:57:45 +00:00