[exim/el6] The wrongly named CVE-2011-1407 patch was renamed to CVE-2011-1764

Jaroslav Škarvada jskarvad at fedoraproject.org
Sun Oct 28 18:25:52 UTC 2012


commit d2806e7488c3091b3bf331ea6a3b4955f059963d
Author: Jaroslav Škarvada <jskarvad at redhat.com>
Date:   Sun Oct 28 19:25:46 2012 +0100

    The wrongly named CVE-2011-1407 patch was renamed to CVE-2011-1764
    
    - Added fix for CVE-2011-1407
      Resolves: CVE-2011-1407

 ...407.patch => exim-4.72-0003-CVE-2011-1764.patch |    0
 exim-4.72-CVE-2011-1407.patch                      |   38 ++++++++++++++++++++
 exim.spec                                          |   11 +++++-
 3 files changed, 47 insertions(+), 2 deletions(-)
---
diff --git a/exim-4.72-0003-CVE-2011-1407.patch b/exim-4.72-0003-CVE-2011-1764.patch
similarity index 100%
rename from exim-4.72-0003-CVE-2011-1407.patch
rename to exim-4.72-0003-CVE-2011-1764.patch
diff --git a/exim-4.72-CVE-2011-1407.patch b/exim-4.72-CVE-2011-1407.patch
new file mode 100644
index 0000000..fc8258e
--- /dev/null
+++ b/exim-4.72-CVE-2011-1407.patch
@@ -0,0 +1,38 @@
+X-Git-Url: http://git.exim.org/exim.git/blobdiff_plain/337e3505b0e6cd4309db6bf6062b33fa56e06cf8..ae9094bfe313aeb9ffefc7566bd4dae49ada3cf5:/src/src/receive.c
+
+diff --git a/src/receive.c b/src/receive.c
+index 914b1d2..f331d2a 100644
+--- a/src/receive.c
++++ b/src/receive.c
+@@ -3022,14 +3022,29 @@ else
+                appears in the expanded list. */
+             if (seen_items != NULL)
+               {
++              uschar *seen_item = NULL;
++              uschar seen_item_buf[256];
+               uschar *seen_items_list = seen_items;
+-              if (match_isinlist(item,
+-                    &seen_items_list,0,NULL,NULL,MCL_STRING,TRUE,NULL) == OK)
++              int seen_this_item = 0;
++              
++              while ((seen_item = string_nextinlist(&seen_items_list, &sep,
++                                                    seen_item_buf,
++                                                    sizeof(seen_item_buf))) != NULL)
++                {
++                  if (Ustrcmp(seen_item,item) == 0)
++                    {
++                      seen_this_item = 1;
++                      break;
++                    } 
++                }
++
++              if (seen_this_item > 0)
+                 {
+                 DEBUG(D_receive)
+                   debug_printf("acl_smtp_dkim: skipping signer %s, already seen\n", item);
+                 continue;
+                 }
++              
+               seen_items = string_append(seen_items,&seen_items_size,&seen_items_offset,1,":");
+               }
+ 
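Review bot: The new dedup loop splits `seen_items_list` using `&sep`, while the visible `string_append(seen_items,&seen_items_size,&seen_items_offset,1,":")` always joins `seen_items` with a literal colon. `sep` is declared outside this hunk, so this is inferred: if it can hold a non-colon separator picked up from the signer list, earlier entries would not be split apart and `Ustrcmp(seen_item,item)` would miss duplicates, running the ACL again for the same signer. A dedicated local, `int seen_sep = ':';` passed as `&seen_sep`, would tie the split to how the list is built. A one-line comment above the loop would also help, stating why a literal comparison replaces `match_isinlist`, presumably so that signer strings taken from the message are compared as plain data rather than interpreted as list patterns. The enclosing block starts and ends outside the hunk.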
diff --git a/exim.spec b/exim.spec
index 1d2f60e..13b5e32 100644
--- a/exim.spec
+++ b/exim.spec
@@ -12,7 +12,7 @@
 Summary: The exim mail transfer agent
 Name: exim
 Version: 4.72
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Url: http://www.exim.org/
 Group: System Environment/Daemons
@@ -54,7 +54,7 @@ Patch25: exim-4.69-dynlookup-config.patch
 Patch26: exim-4.69-strictaliasing.patch
 Patch31: exim-4.72-0001-div-by-zero.patch
 Patch32: exim-4.72-0002-eval-sigfpe.patch
-Patch33: exim-4.72-0003-CVE-2011-1407.patch
+Patch33: exim-4.72-0003-CVE-2011-1764.patch
 Patch34: exim-4.72-0004-CVE-2011-0017.patch
 Patch35: exim-4.72-0005-CVE-2010-4345.patch
 Patch36: exim-4.72-0006-CVE-2010-4345.patch
@@ -62,6 +62,7 @@ Patch37: exim-4.72-0007-CVE-2010-4345.patch
 Patch38: exim-4.72-0008-CVE-2010-4345.patch
 Patch39: exim-4.72-0009-CVE-2010-4345.patch
 Patch40: exim-4.72-CVE-2012-5671.patch
+Patch41: exim-4.72-CVE-2011-1407.patch
 
 Requires: /etc/pki/tls/certs /etc/pki/tls/private
 Requires: /etc/aliases
@@ -204,6 +205,7 @@ greylisting unconditional.
 %patch39 -p2 -b .0009
 
 %patch40 -p1 -b .CVE-2012-5671
+%patch41 -p1 -b .CVE-2011-1407
 
 cp src/EDITME Local/Makefile
 sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
@@ -523,6 +525,11 @@ test "$1"  = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || :
 %{_sysconfdir}/cron.daily/greylist-tidy.sh
 
 %changelog
+* Sun Oct 28 2012 Jaroslav Škarvada <jskarvad at redhat.com> - 4.72-4
+- The wrongly named CVE-2011-1407 patch was renamed to CVE-2011-1764
+- Added fix for CVE-2011-1407
+  Resolves: CVE-2011-1407
+
 * Thu Oct 25 2012 Jaroslav Škarvada <jskarvad at redhat.com> - 4.72-3
 - Backported fix for CVE-2012-5671
   Resolves: CVE-2012-5671

