openbsd-ports

History

sthen 82bc31baad Add patch for Exim remote code execution in 4.88+.

https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
https://bugs.exim.org/show_bug.cgi?id=2199

There is also another issue which is at least a DoS,
https://bugs.exim.org/show_bug.cgi?id=2201 that is *not* patched yet.
The workaround below would help both cases.

From upstream:

"With immediate effect, please apply this workaround: if you are running
Exim 4.88 or newer (4.89 is current, 4.90 is upcoming) then in the main
section of your Exim configuration, set:

chunking_advertise_hosts =

That's an empty value, nothing on the right of the equals. This
disables advertising the ESMTP CHUNKING extension, making the BDAT verb
unavailable and avoids letting an attacker apply the logic. "

2017-11-25 13:04:53 +00:00

files

Enable LMTP transport in mail/exim, requested by Thomas Schneider

2016-12-24 16:02:10 +00:00

patches

Add patch for Exim remote code execution in 4.88+.

2017-11-25 13:04:53 +00:00

pkg

No need to override pexp.

2015-07-15 17:10:35 +00:00

distinfo

update to exim-4.89

2017-03-08 17:05:34 +00:00

Makefile

Add patch for Exim remote code execution in 4.88+.

2017-11-25 13:04:53 +00:00