Navigation:
Browse pkgsrc
(this page)| 2023-10-03 10:42:44 by Patrick Welche | Files touched by this commit (2) |
Log message:
Update exim to 4.96.1
Exim version 4.96.1
-------------------
This is a security release.
JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
|
2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) |  |
Log message: revbump after textproc/icu update |
| 2022-11-23 17:21:30 by Adam Ciarcinski | Files touched by this commit (1878) | |
Log message: massive revision bump after textproc/icu update |
| 2022-07-11 12:52:29 by David Brownlee | Files touched by this commit (2) |
Log message: Fix exim build on NetBSD (support for bdb 1.x dropped) Bump PKGREVISION |
| 2022-07-02 11:24:34 by Adam Ciarcinski | Files touched by this commit (4) | |
Log message:
exim exim-html: updated to 4.96
New stuff we've added since 4.95:
- A new ACL condition: seen. Records/tests a timestamp against a key.
- A variant of the "mask" expansion operator to give normalised IPv6.
- UTC output option for exim_dumpdb, exim_fixdb.
- An event for failing TLS connects to the daemon.
- The ACL "debug" control gains options "stop", \
"pretrigger" and "trigger".
- Query-style lookups are now checked for quoting, if the query string is
built using untrusted data ("tainted"). For now lack of quoting \
is merely
logged; a future release will upgrade this to an error.
- The expansion conditions match_<list-type> and inlist now set $value for
the expansion of the "true" result of the ${if}. With a static \
list, this
can be used for de-tainting.
Notable removals since 4.95:
- the "allow_insecure_tainted_data" main config option and the
"taint" log_selector. These were deprecated in the 4.95 release.
|
| 2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952) |
Log message: *: recursive bump for perl 5.36 |
| 2022-04-18 21:12:27 by Adam Ciarcinski | Files touched by this commit (1798) | |
Log message: revbump for textproc/icu update |
| 2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063) |
Log message: revbump for icu and libffi |
| 2021-11-14 21:19:08 by Adam Ciarcinski | Files touched by this commit (5) | |
Log message:
exim exim-html: updated to 4.95
Version 4.95
------------
1. The fast-ramp two phase queue run support, previously experimental, is
now supported by default.
2. The native SRS support, previously experimental, is now supported. It is
not built unless specified in the Local/Makefile.
3. TLS resumption support, previously experimental, is now supported and
included in default builds.
4. Single-key LMDB lookups, previously experimental, are now supported.
The support is not built unless specified in the Local/Makefile.
5. Option "message_linelength_limit" on the smtp transport to enforce (by
default) the RFC 998 character limit.
6. An option to ignore the cache on a lookup.
7. Quota checking during reception (i.e. at SMTP time) for appendfile-
transport-managed quotas.
8. Sqlite lookups accept a "file=<path>" option to specify a \
per-operation
db file, replacing the previous prefix to the SQL string (which had
issues when the SQL used tainted values).
9. Lsearch lookups accept a "ret=full" option, to return both the portion
of the line matching the key, and the remainder.
10. A command-line option to have a daemon not create a notifier socket.
11. Faster TLS startup. When various configuration options contain no
expandable elements, the information can be preloaded and cached rather
than the previous behaviour of always loading at startup time for every
connection. This helps particularly for the CA bundle.
12. Proxy Protocol Timeout is configurable via "proxy_protocol_timeout"
main config option.
13. Option "smtp_accept_max_per_connection" is now expanded.
14. Log selector "queue_size_exclusive", enabled by default, to exclude the
time taken for reception from QT log elements.
15. Main option "smtp_backlog_monitor", to set a level above which listen
socket backlogs are logged.
16. Main option "hosts_require_helo", requiring HELO or EHLO before MAIL.
17. A main config option "allow_insecure_tainted_data" allows to turn
18. TLS ALPN handling. By default, refuse TLS connections that try to specify
a non-smtp (eg. http) use. Options for customising.
19. Support for MacOS (darwin) has been dropped.
|
| 2021-10-26 12:54:34 by Nia Alarie | Files touched by this commit (356) |
Log message: mail: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes The following distfiles were unfetchable (possibly fetched conditionally?): ./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch |
New packages: