From 502758a841b67394783cf3d7e69abed40497e9f5 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Thu, 30 Nov 2017 18:48:13 +0000 Subject: - Update to 4.89.1 MFH: 2017Q4 Security: 75dd622c-d5fd-11e7-b9fe-c13eb7bcbf4f --- mail/exim/Makefile | 3 +-- mail/exim/distinfo | 6 +++--- mail/exim/files/patch-CVE-2017-1000369 | 37 ---------------------------------- mail/exim/files/patch-CVE-2017-16943 | 35 -------------------------------- 4 files changed, 4 insertions(+), 77 deletions(-) delete mode 100644 mail/exim/files/patch-CVE-2017-1000369 delete mode 100644 mail/exim/files/patch-CVE-2017-16943 (limited to 'mail') diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 3bbb19fda87f..cb4249edb218 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -3,7 +3,6 @@ PORTNAME= exim PORTVERSION?= ${EXIM_VERSION} -PORTREVISION= 2 CATEGORIES= mail ipv6 MASTER_SITES= EXIM:exim MASTER_SITE_SUBDIR= /exim4/:exim \ @@ -92,7 +91,7 @@ MASTER_SITES+= http://marc.merlins.org/linux/exim/files/:sa_exim \ DISTFILES+= sa-exim-${SA_EXIM_VERSION}.tar.gz:sa_exim .endif -EXIM_VERSION= 4.89 +EXIM_VERSION= 4.89.1 SA_EXIM_VERSION=4.2 EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink" diff --git a/mail/exim/distinfo b/mail/exim/distinfo index 3798e374b96f..58f3f4b2ffe8 100644 --- a/mail/exim/distinfo +++ b/mail/exim/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1488990705 -SHA256 (exim/exim-4.89.tar.bz2) = 912f2ee03c8dba06a3a4c0ee40522d367e1b65dc59e38dfcc1f5d9eecff51ab0 -SIZE (exim/exim-4.89.tar.bz2) = 1844430 +TIMESTAMP = 1512067398 +SHA256 (exim/exim-4.89.1.tar.bz2) = 1c853bc960dff0a0e51e3e28bc4a4a8165b58b41bb64ea3abb90f254d9947a8c +SIZE (exim/exim-4.89.1.tar.bz2) = 1828699 SHA256 (exim/sa-exim-4.2.tar.gz) = 72e0a735547f18b05785e6c58a71d24623858f0f5234a5dc0e24cb453999e99a SIZE (exim/sa-exim-4.2.tar.gz) = 66575 diff --git a/mail/exim/files/patch-CVE-2017-1000369 b/mail/exim/files/patch-CVE-2017-1000369 deleted file mode 100644 index 77bbb25ed818..000000000000 --- a/mail/exim/files/patch-CVE-2017-1000369 +++ /dev/null @@ -1,37 +0,0 @@ -diff --git a/src/src/exim.c b/src/src/exim.c -index 67583e58..88e11977 100644 ---- src/exim.c -+++ src/exim.c -@@ -3106,7 +3106,14 @@ for (i = 1; i < argc; i++) - - /* -oMr: Received protocol */ - -- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i]; -+ else if (Ustrcmp(argrest, "Mr") == 0) -+ -+ if (received_protocol) -+ { -+ fprintf(stderr, "received_protocol is set already\n"); -+ exit(EXIT_FAILURE); -+ } -+ else received_protocol = argv[++i]; - - /* -oMs: Set sender host name */ - -@@ -3202,7 +3209,15 @@ for (i = 1; i < argc; i++) - - if (*argrest != 0) - { -- uschar *hn = Ustrchr(argrest, ':'); -+ uschar *hn; -+ -+ if (received_protocol) -+ { -+ fprintf(stderr, "received_protocol is set already\n"); -+ exit(EXIT_FAILURE); -+ } -+ -+ hn = Ustrchr(argrest, ':'); - if (hn == NULL) - { - received_protocol = argrest; diff --git a/mail/exim/files/patch-CVE-2017-16943 b/mail/exim/files/patch-CVE-2017-16943 deleted file mode 100644 index 684b69add440..000000000000 --- a/mail/exim/files/patch-CVE-2017-16943 +++ /dev/null @@ -1,35 +0,0 @@ -From: Jeremy Harris -Date: Fri, 24 Nov 2017 20:22:33 +0000 (+0000) -Subject: Avoid release of store if there have been later allocations. Bug 2199 -X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/4e6ae6235c68de243b1c2419027472d7659aa2b4 - -Avoid release of store if there have been later allocations. Bug 2199 ---- - -diff --git a/src/src/receive.c b/src/src/receive.c -index e7e518a..d9b5001 100644 ---- src/receive.c.orig -+++ src/receive.c -@@ -1810,8 +1810,8 @@ for (;;) - (and sometimes lunatic messages can have ones that are 100s of K long) we - call store_release() for strings that have been copied - if the string is at - the start of a block (and therefore the only thing in it, because we aren't -- doing any other gets), the block gets freed. We can only do this because we -- know there are no other calls to store_get() going on. */ -+ doing any other gets), the block gets freed. We can only do this release if -+ there were no allocations since the once that we want to free. */ - - if (ptr >= header_size - 4) - { -@@ -1820,9 +1820,10 @@ for (;;) - header_size *= 2; - if (!store_extend(next->text, oldsize, header_size)) - { -+ BOOL release_ok = store_last_get[store_pool] == next->text; - uschar *newtext = store_get(header_size); - memcpy(newtext, next->text, ptr); -- store_release(next->text); -+ if (release_ok) store_release(next->text); - next->text = newtext; - } - } -- cgit v1.2.3