<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/exim, branch 2018.02</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2018.02</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2018.02'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2018-02-20T08:04:53+00:00</updated>
<entry>
<title>exim: add upstream security fix</title>
<updated>2018-02-20T08:04:53+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2018-02-19T16:14:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=8343069e2c3cc79ad14600816a772fcd7592e291'/>
<id>urn:sha1:8343069e2c3cc79ad14600816a772fcd7592e291</id>
<content type='text'>
Fixes the following security issue:

CVE-2018-6789: Meh Chang discovered a buffer overflow flaw in a utility
function used in the SMTP listener of Exim, a mail transport agent.  A
remote attacker can take advantage of this flaw to cause a denial of
service, or potentially the execution of arbitrary code via a specially
crafted message.

Dropped ChangeLog hunk and adjusted file path of upstream commit so it
applies to tarball.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/exim: change tarball compression to xz</title>
<updated>2017-12-08T22:49:18+00:00</updated>
<author>
<name>Jerzy Grzegorek</name>
<email>jerzy.m.grzegorek@gmail.com</email>
</author>
<published>2017-12-08T19:39:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=7c42b5f38131ef19843301410e6e649c6173565d'/>
<id>urn:sha1:7c42b5f38131ef19843301410e6e649c6173565d</id>
<content type='text'>
Signed-off-by: Jerzy Grzegorek &lt;jerzy.m.grzegorek@gmail.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/exim: security bump to version 4.89.1</title>
<updated>2017-11-29T20:42:06+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-11-29T20:38:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=06473084f4945eb254e589f7935228ae613ec540'/>
<id>urn:sha1:06473084f4945eb254e589f7935228ae613ec540</id>
<content type='text'>
Fixes CVE-2017-16943 &amp; CVE-2017-16944:
https://lists.exim.org/lurker/message/20171128.215505.79ea8efa.en.html

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>exim: fix help text format</title>
<updated>2017-05-30T21:20:02+00:00</updated>
<author>
<name>Luca Ceresoli</name>
<email>luca@lucaceresoli.net</email>
</author>
<published>2017-05-30T17:01:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=54fd9482e9125822b4ec2f355c8ceb787794c2ba'/>
<id>urn:sha1:54fd9482e9125822b4ec2f355c8ceb787794c2ba</id>
<content type='text'>
Warning reported by check-package.

Signed-off-by: Luca Ceresoli &lt;luca@lucaceresoli.net&gt;
Cc: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+</title>
<updated>2017-04-01T13:16:38+00:00</updated>
<author>
<name>Rahul Bedarkar</name>
<email>rahulbedarkar89@gmail.com</email>
</author>
<published>2017-03-30T13:43:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=af31c309e73ca88ee70c52e591f90e4b89ff5e55'/>
<id>urn:sha1:af31c309e73ca88ee70c52e591f90e4b89ff5e55</id>
<content type='text'>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.

This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\&lt;GPLv2\&gt;/GPL-2.0/g'

Signed-off-by: Rahul Bedarkar &lt;rahulbedarkar89@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>package/exim: bump version to 4.89</title>
<updated>2017-03-12T13:19:50+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-03-11T15:12:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=d791e9101cc7e202b396bb86a26cad81efd501e9'/>
<id>urn:sha1:d791e9101cc7e202b396bb86a26cad81efd501e9</id>
<content type='text'>
Rebased patch #0003, added uClibc compatibility patch.

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>exim: security bump to 4.87.1</title>
<updated>2016-12-27T09:34:36+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2016-12-25T22:38:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=62f0195119187449e6f037b3d0f753de855752ae'/>
<id>urn:sha1:62f0195119187449e6f037b3d0f753de855752ae</id>
<content type='text'>
No features are added or removed. This release contains
just a fix for CVE-2016-9963

    - Fix CVE-2016-9963 - Info leak from DKIM.  When signing DKIM, if
      either LMTP or PRDR was used for delivery, the key could appear in
      logs.  Additionally, if the experimental feature "DSN_INFO" was used,
      it could appear in DSN messages (and be sent offsite).

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>Replace (e)glibc by glibc</title>
<updated>2016-06-28T20:19:22+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2016-06-08T21:40:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=416fd9cd13ae4fbad0d4499ca2ce90447603a4e1'/>
<id>urn:sha1:416fd9cd13ae4fbad0d4499ca2ce90447603a4e1</id>
<content type='text'>
Following the removal of eglibc support, this commit replaces all
occurences of "(e)glibc" by just "glibc". Most of the occurences are in
package Config.in comments.

In addition, when the form "an (e)glibc ..." was used, it is replaced by
"a glibc ...".

[Peter: add new efi* packages, s/uclibc/uClibc as suggested by Romain,
        systemd / liquid-dsp tweaks as suggested by Yann]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
Reviewed-by: Romain Naour &lt;romain.naour@gmail.com&gt;
Acked-by: "Yann E. MORIN" &lt;yann.morin.1998@free.fr&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/exim: bump version to 4.87</title>
<updated>2016-04-08T20:09:03+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2016-04-08T12:18:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=eb5e6738ef4c396b21fa43299fb8d94ef4a42f3f'/>
<id>urn:sha1:eb5e6738ef4c396b21fa43299fb8d94ef4a42f3f</id>
<content type='text'>
Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>exim: security bump to version 4.86.2</title>
<updated>2016-03-03T14:06:37+00:00</updated>
<author>
<name>Gustavo Zacarias</name>
<email>gustavo@zacarias.com.ar</email>
</author>
<published>2016-03-03T12:58:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=42a499664d3afa7923c7377008f549cf9458cd58'/>
<id>urn:sha1:42a499664d3afa7923c7377008f549cf9458cd58</id>
<content type='text'>
Fixes:
CVE-2016-1531 - All installations having Exim set-uid root and using
'perl_startup' are vulnerable to a local privilege escalation. Any user
who can start an instance of Exim (and this is normally *any* user) can
gain root privileges. If you do not use 'perl_startup' you *should* be
safe.

Signed-off-by: Gustavo Zacarias &lt;gustavo@zacarias.com.ar&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
</feed>
