Accepting request 546620 from home:pwcau:branches:server:mail

- add exim-CVE-2017-16944.patch: backport of commit 178ecb70987f024f0e775d87c2f8b2cf587dd542 fix for CVE-2017-16944 (#bsc1069859) OBS-URL: https://build.opensuse.org/request/show/546620 OBS-URL: https://build.opensuse.org/package/show/server:mail/exim?expand=0&rev=199
2017-12-08 08:47:08 +00:00 · 2017-12-08 08:47:08 +00:00 · b3b3b42a68
commit b3b3b42a68
parent 2d9c01ecd4
3 changed files with 51 additions and 1 deletions
--- a/exim-CVE-2017-16944.patch
+++ b/exim-CVE-2017-16944.patch
@ -0,0 +1,41 @@
+diff -ru a/src/receive.c b/src/receive.c
+--- a/src/receive.c	2017-11-30 09:15:29.593364805 +0100
+++ b/src/receive.c	2017-11-30 09:17:32.026970431 +0100
+@@ -1759,7 +1759,7 @@
+   prevent further reading), and break out of the loop, having freed the
+   empty header, and set next = NULL to indicate no data line. */
+ 
+-  if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
+  if (ptr == 0 && ch == '.' && dot_ends)
+     {
+     ch = (receive_getc)();
+     if (ch == '\r')
+diff -ru a/src/smtp_in.c b/src/smtp_in.c
+--- a/src/smtp_in.c	2017-11-30 09:15:29.593364805 +0100
+++ b/src/smtp_in.c	2017-11-30 09:41:47.270055566 +0100
+@@ -4751,11 +4751,17 @@
+ 	? CHUNKING_LAST : CHUNKING_ACTIVE;
+       chunking_data_left = chunking_datasize;
+ 
+      /* push the current receive_* function on the "stack", and
+      replace them by bdat_getc(), which in turn will use the lwr_receive_*
+      functions to do the dirty work. */
+       lwr_receive_getc = receive_getc;
+       lwr_receive_ungetc = receive_ungetc;
+
+       receive_getc = bdat_getc;
+       receive_ungetc = bdat_ungetc;
+ 
+      dot_ends = FALSE;
+
+       DEBUG(D_any)
+         debug_printf("chunking state %d\n", (int)chunking_state);
+       goto DATA_BDAT;
+@@ -4763,6 +4769,7 @@
+ 
+     case DATA_CMD:
+     HAD(SCH_DATA);
+    dot_ends = TRUE;
+ 
+     DATA_BDAT:		/* Common code for DATA and BDAT */
+     if (!discarded && recipients_count <= 0)
--- a/exim.changes
+++ b/exim.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Nov 30 08:32:50 UTC 2017 - wullinger@rz.uni-kiel.de
+
+- add exim-CVE-2017-16944.patch:
+  backport of commit 178ecb70987f024f0e775d87c2f8b2cf587dd542
+  fix for CVE-2017-16944 (#bsc1069859)
+
 -------------------------------------------------------------------
 Mon Nov 27 10:36:17 UTC 2017 - dmueller@suse.com

--- a/exim.spec
+++ b/exim.spec
@ -109,7 +109,8 @@ Source40:       exim.service
 Patch0:         exim-tail.patch
 Patch3:         exim-CVE-2017-1000369.patch
 Patch4:         exim-CVE-2017-16943.patch
-Patch5:         exim-4.86.2-mariadb_102_compile_fix.patch
+Patch5:         exim-CVE-2017-16944.patch
+Patch6:         exim-4.86.2-mariadb_102_compile_fix.patch

 %package -n eximon
 Summary:        Eximon, an graphical frontend to administer Exim's mail queue
@ -155,6 +156,7 @@ once, if at all. The rest is done by logrotate / cron.)
 %patch3 -p 1
 %patch4 -p 1
 %patch5 -p 1
+%patch6 -p 1
 # build with fPIE/pie on SUSE 10.0 or newer, or on any other platform
 %if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930
 fPIE="-fPIE"