Subject: CVS commit: [pkgsrc-2017Q4] pkgsrc/mail
From: S.P.Zeidler
Date: 2018-03-08 21:22:06
Message id: 20180308202206.5AB52FB40@cvs.NetBSD.org

Log Message:
Pullup ticket #5719 - requested by maya
mail/exim-html: security update

Revisions pulled up:
- mail/exim-html/Makefile                                       1.36
- mail/exim-html/PLIST                                          1.17
- mail/exim-html/distinfo                                       1.29
- mail/exim/Makefile                                            1.158
- mail/exim/distinfo                                            1.68
- mail/exim/files/Makefile-DragonFly                            deleted
- mail/exim/files/os.h-DragonFly                                deleted

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Mar  7 08:24:47 UTC 2018

   Modified Files:
           pkgsrc/mail/exim: Makefile distinfo
           pkgsrc/mail/exim-html: Makefile PLIST distinfo
   Removed Files:
           pkgsrc/mail/exim/files: Makefile-DragonFly os.h-DragonFly

   Log Message:
   exim: updated to 4.90.1

   Exim version 4.90.1

   JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
         Previously only the last row was returned.

   JH/04 Bug 2217: Tighten up the parsing of DKIM signature headers. Previously
         we assumed that tags in the header were well-formed, and parsed the
         element content after inspecting only the first char of the tag.
         Assumptions at that stage could crash the receive process on malformed
         input.

   JH/05 Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
         While running the DKIM ACL we operate on the Permanent memory pool so that
         variables created with "set" persist to the DATA ACL.  Also \ 
(at any time)
         DNS lookups that fail create cache records using the Permanent pool.  But
         expansions release any allocations made on the current pool - so a dnsdb
         lookup expansion done in the DKIM ACL releases the memory used for the
         DNS negative-cache, and bad things result.  Solution is to switch to the
         Main pool for expansions.
         While we're in that code, add checks on the DNS cache during store_reset,
         active in the testsuite.
         Problem spotted, and debugging aided, by Wolfgang Breyha.

   JH/06 Fix issue with continued-connections when the DNS shifts unreliably.
         When none of the hosts presented to a transport match an already-open
         connection, close it and proceed with the list.  Previously we would
         queue the message.  Spotted by Lena with Yahoo, probably involving
         round-robin DNS.

   JH/07 Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
         Previously a spurious "250 OK id=" response was appended to \ 
the proper
         failure response.

   JH/10 Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
         rows affected is given instead).

   JH/12 Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
         SMTP connection.  Previously, when one had more receipients than the
         first, an abortive onward connection was made.  Move to full support for
         multiple onward connections in sequence, handling cutthrough connection
         for all multi-message initiating connections.

   JH/13 Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
         routers.  Previously, a multi-recipient message would fail to match the
         onward-connection opened for the first recipient, and cause its closure.

   JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
         a timeout on read on a GnuTLS initiating connection, resulting in the
         initiating connection being dropped.  This mattered most when the callout
         was marked defer_ok.  Fix to keep the two timeout-detection methods
         separate.

   HS/01 Fix Buffer overflow in base64d() (CVE-2018-6789)

   JH/16 Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
         metadata, resulting in a crash in free().

   PP/01 Fix broken Heimdal GSSAPI authenticator integration.
         Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
         Broken also in d185889f4, with init system revamp.

   To generate a diff of this commit:
   cvs rdiff -u -r1.157 -r1.158 pkgsrc/mail/exim/Makefile
   cvs rdiff -u -r1.67 -r1.68 pkgsrc/mail/exim/distinfo
   cvs rdiff -u -r1.35 -r1.36 pkgsrc/mail/exim-html/Makefile
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/mail/exim-html/PLIST
   cvs rdiff -u -r1.28 -r1.29 pkgsrc/mail/exim-html/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/mail/exim/files/Makefile-DragonFly \
       pkgsrc/mail/exim/files/os.h-DragonFly

Files:
RevisionActionfile
1.156.2.1modifypkgsrc/mail/exim/Makefile
1.67.10.1modifypkgsrc/mail/exim/distinfo
1.35.10.1modifypkgsrc/mail/exim-html/Makefile
1.16.10.1modifypkgsrc/mail/exim-html/PLIST
1.28.10.1modifypkgsrc/mail/exim-html/distinfo
1.1removepkgsrc/mail/exim/files/Makefile-DragonFly
1.1removepkgsrc/mail/exim/files/os.h-DragonFly