Hi, the attached diff updates exim to 4.75. One patch is removed, since it is now part of exim.
Any other additions/changes wanted? felix
Index: Makefile
===================================================================
RCS file: /data/cvsmirror/src/openbsd/ports/mail/exim/Makefile,v
retrieving revision 1.80
diff -u -r1.80 Makefile
--- Makefile 7 Feb 2011 16:01:26 -0000 1.80
+++ Makefile 26 Mar 2011 11:11:19 -0000
@@ -3,10 +3,9 @@
 CATEGORIES = mail
 COMMENT-main = flexible mail transfer agent
 COMMENT-eximon = X11 monitor tool for Exim MTA
-VERSION = 4.73
+VERSION = 4.75
 DISTNAME = exim-${VERSION}
 PKGNAME-main = exim-${VERSION}
-REVISION-main = 0
 FULLPKGNAME-eximon = exim-eximon-${VERSION}
 FULLPKGPATH-eximon = ${PKGPATH},-eximon
 MASTER_SITES = ftp://ftp.exim.org/pub/exim/exim4/ \
Index: distinfo
===================================================================
RCS file: /data/cvsmirror/src/openbsd/ports/mail/exim/distinfo,v
retrieving revision 1.19
diff -u -r1.19 distinfo
--- distinfo 12 Jan 2011 05:45:29 -0000 1.19
+++ distinfo 26 Mar 2011 11:11:19 -0000
@@ -1,5 +1,5 @@
-MD5 (exim-4.73.tar.gz) = 9j+ymqDEobjJjWlfHIJBdA==
-RMD160 (exim-4.73.tar.gz) = 81TEbqA2h/yXFcXSKMMybxNqtiw=
-SHA1 (exim-4.73.tar.gz) = QaICWyUOISvz1okNxmNu60+gh7k=
-SHA256 (exim-4.73.tar.gz) = C6a4ZdUuQwzapZAyLHwbH4tkrflK1+N04ISQR+982aY=
-SIZE (exim-4.73.tar.gz) = 2051165
+MD5 (exim-4.75.tar.gz) = 3Z7b10zfOjwwa5QwfgZoLA==
+RMD160 (exim-4.75.tar.gz) = ShfUyzzG/ttQwFYVm4mrOEHa/EI=
+SHA1 (exim-4.75.tar.gz) = Snz69w3c/eWLjmjJiutrYYVrCr0=
+SHA256 (exim-4.75.tar.gz) = w8xrxUIvfox770/FBzkTFbPXDVDUwnmznPzji3RLHbM=
+SIZE (exim-4.75.tar.gz) = 2064581
Index: patches/patch-src_log_c
===================================================================
RCS file: patches/patch-src_log_c
diff -N patches/patch-src_log_c
--- patches/patch-src_log_c 7 Feb 2011 16:01:26 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,41 +0,0 @@
-$OpenBSD: patch-src_log_c,v 1.1 2011/02/07 16:01:26 jasper Exp $
-
-Security fix for CVE-2011-0017
-Privilege escalation from exim run-time user to root.
-
-Patch extracted from exim 3.74.
-
---- src/log.c.orig Sun Dec 26 19:17:23 2010
-+++ src/log.c Mon Feb 7 14:11:37 2011
-@@ -361,17 +361,26 @@ are neither exim nor root, creation is not attempted.
-
- else if (euid == root_uid)
- {
-- int status;
-+ int status, rv;
- pid_t pid = fork();
-
- /* In the subprocess, change uid/gid and do the creation. Return 0 from the
-- subprocess on success. There doesn't seem much point in testing for setgid
-- and setuid errors. */
-+ subprocess on success. If we don't check for setuid failures, then the file
-+ can be created as root, so vulnerabilities which cause setuid to fail mean
-+ that the Exim user can use symlinks to cause a file to be opened/created as
-+ root. We always open for append, so can't nuke existing content but it would
-+ still be Rather Bad. */
-
- if (pid == 0)
- {
-- (void)setgid(exim_gid);
-- (void)setuid(exim_uid);
-+ rv = setgid(exim_gid);
-+ if (rv)
-+ die(US"exim: setgid for log-file creation failed, aborting",
-+ US"Unexpected log failure, please try later");
-+ rv = setuid(exim_uid);
-+ if (rv)
-+ die(US"exim: setuid for log-file creation failed, aborting",
-+ US"Unexpected log failure, please try later");
- _exit((create_log(buffer) < 0)? 1 : 0);
- }
-