Accepting request 597094 from home:pwcau:branches:server:mail

update to 4.91. Note that this removes two, previously deprecated SPF ACL conditions (err_temp and err_perm). OBS-URL: https://build.opensuse.org/request/show/597094 OBS-URL: https://build.opensuse.org/package/show/server:mail/exim?expand=0&rev=203
2018-05-02 15:09:25 +00:00 · 2018-05-02 15:09:25 +00:00 · e5a07ffaf7
commit e5a07ffaf7
parent 3bb5245254
6 changed files with 109 additions and 16 deletions
--- a/exim-4.90.1.tar.bz2
+++ b/exim-4.90.1.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:d8f510056c85fd8565242cad06560c5cb44a0678ea76241331eca096f7a6cbf0
 size 1854894
--- a/exim-4.90.1.tar.bz2.asc
+++ b/exim-4.90.1.tar.bz2.asc
@ -1,11 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCgAdFiEE0L/WueylaUpvFJ3Or0zGdqa2wUIFAlp8U0MACgkQr0zGdqa2
 wUKEiwf9GmNYK5sbmpi/c2TdfPqsqU1o76l3PoTt+kxSQi5t4j30dsqZdWvzvkuj
 k+/x1SsDRg44+wv19ynnYH4tSCZ3QSwTevyfXvR7bSGpSTCN0tTnaWm/AuBXNC8D
 9lukQckwdZckVNciRriVCLi9VTymV/tdnIxowQu/WfdEzFTXDeYzu3KoioG+jKAV
 MWhnyUDfhPYPYs+u8IKdFDE3Z9bO/I/EbgTHiR6PetLWusSugrp/MyJjICp8HsvI
 f/pMj+rytJo2hOnI9x/wpUiXb7XnnQnph3mic5BQU4DF+tI6dK1zTS66PyTYAoNI
 p6Po3uLY/umKYT+W6jxURPfC2TH1+A==
 =k4cD
 -----END PGP SIGNATURE-----
--- a/exim-4.91.tar.bz2
+++ b/exim-4.91.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:eff5b41276a0039e89af4b447da13aaa61c5823d4ec2c37353dc23577cfb02d3
 size 1912811
--- a/exim-4.91.tar.bz2.asc
+++ b/exim-4.91.tar.bz2.asc
@ -0,0 +1,10 @@
 -----BEGIN PGP SIGNATURE-----
 iQEcBAABAgAGBQJa01I+AAoJELzljIzkHzLfBRAH/R4DJhI01BTVIl6/7gQOVfST
 fmhBh3rTRXhkSR7XfzxWgNR2jJnDJReitBdjDvkgLdYZ7+S3G7+WIJeSuoP2+PPO
 VfSEWQdaeYYyvz6C81xPHo+UARnQcGTygPQpLk9XDiVYZ7X9TYUuomNX4MsK1EXb
 2ZJUJ1Sm1DoZx9MbPXJfUSPXeBJGMJwjSjh9KRssFg5VddjBc/oNHf3oL/ThodzU
 SmMyPc29r8ZZe+EC5lVumN6G8UalDFPROa/0VEYkJsj7zFG6JgIlRhWgYaIq3nGn
 m6ghRaRNQFSktjzISD+mf3ttiqyoJAPRc4x2fbvDAnUjpNQ3VuxOP8uz758cPTw=
 =I/a+
 -----END PGP SIGNATURE-----
--- a/exim.changes
+++ b/exim.changes
@ -1,3 +1,97 @@
 -------------------------------------------------------------------
 Mon Apr 16 13:57:17 UTC 2018 - wullinger@rz.uni-kiel.de
 - update to 4.91
 * DEFER rather than ERROR on redis cluster MOVED response.
 * Catch and remove uninitialized value warning in exiqsumm
 * Disallow '/' characters in queue names specified for the "queue=" ACL
    modifier.  This matches the restriction on the commandline.
 * Fix pgsql lookup for multiple result-tuples with a single column.
    Previously only the last row was returned.
 * Bug 2217: Tighten up the parsing of DKIM signature headers.
 * Bug 2215: Fix crash associated with dnsdb lookup done from DKIM ACL.
 * Fix issue with continued-connections when the DNS shifts unreliably.
 * Bug 2214: Fix SMTP responses resulting from non-accept result of MIME ACL.
 * The "support for" informational output now, which built with Content
   Scanning support, has a line for the malware scanner interfaces compiled
   in.  Interface can be individually included or not at build time.
 * The "aveserver", "kavdaemon" and "mksd" interfaces are now not included
   by the template makefile "src/EDITME".  The "STREAM" support for an older
   ClamAV interface method is removed.
 * Bug 2223: Fix mysql lookup returns for the no-data case (when the number of
   rows affected is given instead).
 * The runtime Berkeley DB library version is now additionally output by
   "exim -d -bV".  Previously only the compile-time version was shown.
 * Bug 2230: Fix cutthrough routing for nonfirst messages in an initiating
   SMTP connection.
 * Bug 2229: Fix cutthrough routing for nonstandard port numbers defined by
   routers.
 * Bug 2174: A timeout on connect for a callout was also erroneously seen as
   a timeout on read on a GnuTLS initiating connection, resulting in the
   initiating connection being dropped.
 * Relax results from ACL control request to enable cutthrough, in
   unsupported situations, from error to silently (except under debug)
   ignoring.
 * Fix Buffer overflow in base64d() (CVE-2018-6789)
 * Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
   metadata, resulting in a crash in free().
 * Fix broken Heimdal GSSAPI authenticator integration.
 * Bug 2113: Fix conversation closedown with the Avast malware scanner.
 * Bug 2239: Enforce non-usability of control=utf8_downconvert in the mail ACL.
 * Speed up macro lookups during configuration file read, by skipping non-
   macro text after a replacement (previously it was only once per line) and
   by skipping builtin macros when searching for an uppercase lead character.
 * DANE support moved from Experimental to mainline.  The Makefile control
   for the build is renamed.
 * Fix memory leak during multi-message connections using STARTTLS.
 * Bug 2236: When a DKIM verification result is overridden by ACL, DMARC
   reported the original.  Fix to report (as far as possible) the ACL
   result replacing the original.
 * Fix memory leak during multi-message connections using STARTTLS under
   OpenSSL
 * Bug 2242: Fix exim_dbmbuild to permit directoryless filenames.
 * Fix utf8_downconvert propagation through a redirect router.
 * Bug 2253: For logging delivery lines under PRDR, append the overall
   DATA response info to the (existing) per-recipient response info for
   the "C=" log element.
 * Bug 2251: Fix ldap lookups that return a single attribute having zero-
   length value.
 * Support Avast multiline protocol, this allows passing flags to
   newer versions of the scanner.
 *  Ensure that variables possibly set during message acceptance are marked
    dead before release of memory in the daemon loop.
 * Bug 2250: Fix a longstanding bug in heavily-pipelined SMTP input (such
   as a multi-recipient message from a mailinglist manager).
 * The (EXPERIMENTAL_DMARC) variable $dmarc_ar_header is withdrawn, being
   replaced by the ${authresults } expansion.
 * Bug 2257: Fix pipe transport to not use a socket-only syscall.
 * Set a handler for SIGTERM and call exit(3) if running as PID 1. This
   allows proper process termination in container environments.
 * Bug 2258: Fix spool_wireformat in combination with LMTP transport.
   Previously the "final dot" had a newline after it; ensure it is CR,LF.
 * SPF: remove support for the "spf" ACL condition outcome values "err_temp"
   and "err_perm", deprecated since 4.83 when the RFC-defined words
   " temperror" and "permerror" were introduced.
 * Re-introduce enforcement of no cutthrough delivery on transports having
   transport-filters or DKIM-signing.
 * Cutthrough: for a final-dot response timeout (and nonunderstood responses)
   in defer=pass mode supply a 450 to the initiator.  Previously the message
      would be spooled.
 * DANE: add dane_require_tls_ciphers SMTP Transport option; if unset,
      tls_require_ciphers is used as before.
 * Malware Avast: Better match the Avast multiline protocol.
 * Fix reinitialisation of DKIM logging variable between messages.
 * Bug 2255: Revert the disable of the OpenSSL session caching.
 * Add util/renew-opendmarc-tlds.sh script for safe renewal of public
   suffix list.
 * DKIM: accept Ed25519 pubkeys in SubjectPublicKeyInfo-wrapped form,
   since the IETF WG has not yet settled on that versus the original
   "bare" representation.
 * Fix syslog logging for syslog_timestamp=no and log_selector +millisec.
   Previously the millisecond value corrupted the output.
   Fix also for syslog_pid=no and log_selector +pid, for which the pid
   corrupted the output.
 -------------------------------------------------------------------
 Thu Mar 15 20:22:09 UTC 2018 - crrodriguez@opensuse.org
--- a/exim.spec
+++ b/exim.spec
@ -73,7 +73,7 @@ Requires(pre):  group(mail)
 %endif
 Requires(pre):  fileutils textutils
 %endif
-Version:        4.90.1
+Version:        4.91
 Release:        0
 %if %{with_mysql}
 BuildRequires:  mysql-devel
@ -281,7 +281,7 @@ cat <<-EOF > Local/Makefile
 	EXPERIMENTAL_DSN=yes
 	SYSTEM_ALIASES_FILE=/etc/aliases
 %if %{with dane}
-	EXPERIMENTAL_DANE=yes
+	DANE=yes
 %endif
 	EXPERIMENTAL_SOCKS=yes
 %if %{with i18n}