From patchwork Sun Dec 25 22:38:15 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Korsgaard X-Patchwork-Id: 708731 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3tmxqS5Zh5z9sf9 for ; Mon, 26 Dec 2016 09:38:28 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="SZPKsZ9x"; dkim-atps=neutral Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 72B23856AE; Sun, 25 Dec 2016 22:38:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jf7oI4oVDo_G; Sun, 25 Dec 2016 22:38:23 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 519718567A; Sun, 25 Dec 2016 22:38:23 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 012331BFD3C for ; Sun, 25 Dec 2016 22:38:22 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id EE13C23245 for ; Sun, 25 Dec 2016 22:38:21 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nwobHr70-nDl for ; Sun, 25 Dec 2016 22:38:20 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f48.google.com (mail-wm0-f48.google.com [74.125.82.48]) by silver.osuosl.org (Postfix) with ESMTPS id 85A5B2322E for ; Sun, 25 Dec 2016 22:38:20 +0000 (UTC) Received: by mail-wm0-f48.google.com with SMTP id t79so254616772wmt.0 for ; Sun, 25 Dec 2016 14:38:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id; bh=vwlf98z3BU25nudP6/9pj9bWXuyFlqHvDJgkgXZLWBQ=; b=SZPKsZ9x0lUtfdu+oWUNw1ftMAxGXru5bwYtluyJSUOzWAFzaBgHF8xJ664xPdoZ85 JOjnupnRxuRVKnzPnxHJsTm/qXJNzgxMgWTd7cYlXAZRkD4DWOTXPDncMnAtgjTlWq7y 7KKS3z20FAPtpyYPmVZgaSzsxOmXHih04FVw9a0DxVWjKYzvo3KJwdRhYOZQuCGWJ0/n ojSTc9KTNRDgcAHtv1ZF8/UhQJ7BAQCZP7bZhi/3cjfZy9itjlNTzEVOhY5nVrk8zZyY Zl1xQHYUvsGZHd3ia9bXw26wUhSVY0/H2cPNSTGp4y+AA3zJELLZOAAFrizw7jMToV2m tmvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id; bh=vwlf98z3BU25nudP6/9pj9bWXuyFlqHvDJgkgXZLWBQ=; b=oip6YNd5GAON/uLBpSW1r6uwvZU4Z30+lyPwd5g8u6ALGMb8I9P3PnmsJUkKcWeR/b x0ixLSTB5M/63s+gE3pB/+RlPWSG2kZDvfWu8xX0ZkhuAjumlFxDZmdYb+2fHHNKPniF Ks8JwYSJK7sWXfn0EagTcanEpRfufTFqa70OmglVqp9KvoCX1rYPjD9kwVJBAYtvoFWv Ry330OVVxMUidY91BWqvKuB39Q6QOSsgRD7xWBpZnFeaSEbzellsEyYYPbAldEkqEbWK 7s7ujPUP1jByzwYd+rImcLT9oh92DnNESKFL/u264kpxdmMwlHtFHCz/V392WZZBHx3o 1EPg== X-Gm-Message-State: AIkVDXJXGqFf37anwhAZUGIQ4mQoB3FY6uI8RRyFhWw7vcC+J70BXFE5KF6JVMqUuYSQlw== X-Received: by 10.28.129.81 with SMTP id c78mr22504336wmd.94.1482705498646; Sun, 25 Dec 2016 14:38:18 -0800 (PST) Received: from dell.be.48ers.dk (d51a5bc31.access.telenet.be. [81.165.188.49]) by smtp.gmail.com with ESMTPSA id d9sm23077358wje.14.2016.12.25.14.38.17 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 25 Dec 2016 14:38:17 -0800 (PST) Received: from peko by dell.be.48ers.dk with local (Exim 4.88) (envelope-from ) id 1cLHQm-00012w-Vy; Sun, 25 Dec 2016 23:38:16 +0100 From: Peter Korsgaard To: buildroot@buildroot.org Date: Sun, 25 Dec 2016 23:38:15 +0100 Message-Id: <20161225223815.3970-1-peter@korsgaard.com> X-Mailer: git-send-email 2.10.2 Subject: [Buildroot] [PATCH] exim: security bump to 4.87.1 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" No features are added or removed. This release contains just a fix for CVE-2016-9963 - Fix CVE-2016-9963 - Info leak from DKIM. When signing DKIM, if either LMTP or PRDR was used for delivery, the key could appear in logs. Additionally, if the experimental feature "DSN_INFO" was used, it could appear in DSN messages (and be sent offsite). Signed-off-by: Peter Korsgaard --- package/exim/exim.hash | 2 +- package/exim/exim.mk | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/exim/exim.hash b/package/exim/exim.hash index 83be731..ef2d03b 100644 --- a/package/exim/exim.hash +++ b/package/exim/exim.hash @@ -1,2 +1,2 @@ # Locally calculated -sha256 74691e0dff4d1b5d387e9c33c86f96a8f6d2adbc781c0dec9d2061a847b07dc9 exim-4.87.tar.bz2 +sha256 d4b7994c89240d2f9a9fcd7a2dffa4b72f14379001a24266f4dbb0fbe5131514 exim-4.87.1.tar.bz2 diff --git a/package/exim/exim.mk b/package/exim/exim.mk index ed7d169..a9f4685 100644 --- a/package/exim/exim.mk +++ b/package/exim/exim.mk @@ -4,9 +4,9 @@ # ################################################################################ -EXIM_VERSION = 4.87 +EXIM_VERSION = 4.87.1 EXIM_SOURCE = exim-$(EXIM_VERSION).tar.bz2 -EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4 +EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4/old EXIM_LICENSE = GPLv2+ EXIM_LICENSE_FILES = LICENCE EXIM_DEPENDENCIES = pcre berkeleydb host-pkgconf