tag 862652 pending
thanks
Hello,
Bug #862652 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
https://anonscm.debian.org/cgit/debian-edu/debian-edu-config.git/commit/?id=2df015a
---
commit 2df015aaf005803a57cc83b1c765fa7043353c1b
Author: Wolfgang Schweer <wschw...@arcor.de>
Date: Thu May 18 18:06:31 2017 +0200
Add changelog entry for the exim4 security fixes.
diff --git a/debian/changelog b/debian/changelog
index 51e70ba..c1585f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,15 @@
debian-edu-config (1.818+deb8u3) UNRELEASED; urgency=medium
[ Wolfgang Schweer ]
+ * Fix broken exim4 configuration, enable security. (Closes: #862652).
+ - Add share/debian-edu-config/tools/exim4-create-cert.
+ - Add share/debian-edu-config/tools/exim4-create-environment.
+ - Adjust cf/cf.exim to use both scripts.
+ - Adjust etc/exim4/exim-ldap-server-v4.conf.
+ + Make it work after the exim4 security fix for CVE-2016-1531.
+ + Improve security: create certificate to enable TLS, re-enable
+ identity check via Kerberos; now only system mail to postmaster
+ is enabled unconditionally; see #794602.
* Fix apache userdir configuration:
- cf/apache2.cf: replace userdir with debian-edu-userdir.
- Adjust debian-edu-userdir.conf to work with apache 2.4.
