Hi,

this is an update to exim 4.77.
This update changes the default behaviour of certain expansions,
more to be read here:

<url: http://www.gossamer-threads.com/lists/exim/announce/92353>

The announcement mail for 4.77 is here:

<url: http://www.gossamer-threads.com/lists/exim/announce/92437>

Any tests, especially of the flavoured versions, are more than welcome.

felix


Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/exim/Makefile,v
retrieving revision 1.83
diff -u -r1.83 Makefile
--- Makefile    17 Jul 2011 20:15:59 -0000      1.83
+++ Makefile    17 Oct 2011 12:01:47 -0000
@@ -3,12 +3,12 @@
 CATEGORIES =           mail
 COMMENT-main =         flexible mail transfer agent
 COMMENT-eximon =       X11 monitor tool for Exim MTA
-VERSION =              4.76
+VERSION =              4.77
 DISTNAME =             exim-${VERSION}
 PKGNAME-main =         exim-${VERSION}
 FULLPKGNAME-eximon =   exim-eximon-${VERSION}
 FULLPKGPATH-eximon =   ${PKGPATH},-eximon
-REVISION-main =                1
+REVISION-main =                0
 MASTER_SITES =         http://ftp.exim.org/pub/exim/exim4/ \
                        http://ftp.exim.org/pub/exim/exim4/old/ \
                        ftp://ftp.exim.org/pub/exim/exim4/ \
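
Review bot: `REVISION-main = 0` is kept where the line could simply be dropped. With VERSION going from 4.76 to 4.77 the package name already sorts above the old one, and no matching revision for -eximon is visible in this hunk, so keeping the line leaves -main carrying a revision marker that the other subpackage does not have. Suggest removing the REVISION-main line entirely for the version bump.
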
Index: distinfo
===================================================================
RCS file: /cvs/ports/mail/exim/distinfo,v
retrieving revision 1.20
diff -u -r1.20 distinfo
--- distinfo    9 May 2011 14:56:56 -0000       1.20
+++ distinfo    17 Oct 2011 12:01:47 -0000
@@ -1,5 +1,5 @@
-MD5 (exim-4.76.tar.gz) = T8OXDU+7HUlRtbYz3r0NSA==
-RMD160 (exim-4.76.tar.gz) = a8MWCKG8H0OjYtvLkUB/ZvqIwsM=
-SHA1 (exim-4.76.tar.gz) = ExIWRKnf1sBm9l20rWcDo9xDLIo=
-SHA256 (exim-4.76.tar.gz) = mXbJ7+bDBLG/iRoWlZMapdGNw3T3134voIKqx1OyJy0=
-SIZE (exim-4.76.tar.gz) = 2068071
+MD5 (exim-4.77.tar.gz) = 3B8p9odVbw8OmPveGfmO9A==
+RMD160 (exim-4.77.tar.gz) = 6/kbDf+blCKW24umVAhj5qFROtY=
+SHA1 (exim-4.77.tar.gz) = LBumuPYntxs7WPwMxW45RZDc0dw=
+SHA256 (exim-4.77.tar.gz) = FkmActgsdNKf6eCctG+QYN4b0MtXIczAcZkK9hLumjw=
+SIZE (exim-4.77.tar.gz) = 2035914
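
Review bot: the new `SHA256 (exim-4.77.tar.gz)` and `SIZE` lines are the only integrity pin this port has for a tarball fetched from the plain http:// and ftp:// MASTER_SITES shown in the Makefile hunk, and the submission does not say how they were obtained. Please confirm they were generated from a tarball checked against the upstream release signature. The size also drops from 2068071 to 2035914 bytes, which is worth a quick comparison with the upstream file listing.
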
Index: files/Makefile
===================================================================
RCS file: /cvs/ports/mail/exim/files/Makefile,v
retrieving revision 1.14
diff -u -r1.14 Makefile
--- files/Makefile      9 May 2011 14:56:56 -0000       1.14
+++ files/Makefile      17 Oct 2011 12:01:48 -0000
@@ -1,5 +1,3 @@
-# $Cambridge: exim/src/src/EDITME,v 1.27 2010/06/12 15:21:25 jetmore Exp $
-
 ##################################################
 #          The Exim mail transport agent         #
 ##################################################
@@ -1205,6 +1203,26 @@
 
 # SUPPORT_MOVE_FROZEN_MESSAGES=yes
 
+
+#------------------------------------------------------------------------------
+# Expanding match_* second paramters: BE CAREFUL IF ENABLING THIS!
+# It has proven too easy in practice for administrators to configure security
+# problems into their Exim install, by treating match_domain{}{} and friends
+# as a form of string comparison, where the second string comes from untrusted
+# data. Because these options take lists, which can include lookup;LOOKUPDATA
+# style elements, a foe can then cause Exim to, eg, execute an arbitrary MySQL
+# query, dropping tables.
+# From Exim 4.77 onwards, the second parameter is not expanded; it can still
+# be a list literal, or a macro, or a named list reference.  There is also
+# the new expansion condition "inlisti" which does expand the second parameter,
+# but treats it as a list of strings; also, there's "eqi" which is probably
+# what is normally wanted.
+#
+# If you really need to have the old behaviour, know what you are doing and
+# will not complain if your system is compromised as a result of doing so, then
+# uncomment this option to get the old behaviour back.
+
+# EXPAND_LISTMATCH_RHS=yes
 
 #------------------------------------------------------------------------------
 # Disabling the use of fsync(): DO NOT UNCOMMENT THE FOLLOWING LINE unless you
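
Review bot: missing upgrade documentation for the behaviour change described in the added EXPAND_LISTMATCH_RHS block. The comment states that from 4.77 onwards the second parameter of match_domain{}{} and friends is not expanded, so an existing configuration that relied on the expansion changes meaning after the update, and nothing in this diff tells users of the package. Leaving `# EXPAND_LISTMATCH_RHS=yes` commented out is the right default; consider adding an upgrade note that points such configurations at `inlisti` or `eqi` rather than at re-enabling the option. The "paramters" typo in the first added comment line can stay if it matches upstream's EDITME, so that future diffs against it stay small.
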


-- 
GPG/PGP:   D9AC74D0 / 076E 1E87 3E05 1C7F B1A0  8A48 0D31 9BD3 D9AC 74D0
http://hazardous.org/~fkr - fkr@silc|irc  -  @felixkronlage  -  FKR-RIPE
https://www.bytemine.net/ - bytemine - BSD based Hosting/Solutions/Ideas
