rpms/exim
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed multiple memory leaks

Browse Source 
Resolves: CVE-2017-1000369
Fixed typo causing exim-clamav to create /0750 directory
  Resolves: rhbz#1412028
This commit is contained in:
Jaroslav Škarvada 2017-08-18 17:11:35 +02:00
parent 380c24f72f
commit 2e136ca6db
2 changed files with 47 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
exim-4.87-CVE-2017-1000369.patch Normal file
View File

@ -0,0 +1,37 @@
diff --git a/src/exim.c b/src/exim.c
index ede4e0b..0e6d08c 100644
--- a/src/exim.c
+++ b/src/exim.c
@@ -3075,7 +3075,14 @@ for (i = 1; i < argc; i++)
/* -oMr: Received protocol */
- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i];
+ else if (Ustrcmp(argrest, "Mr") == 0)
+
+ if (received_protocol)
+ {
+ fprintf(stderr, "received_protocol is set already\n");
+ exit(EXIT_FAILURE);
+ }
+ else received_protocol = argv[++i];
/* -oMs: Set sender host name */
@@ -3171,7 +3178,15 @@ for (i = 1; i < argc; i++)
if (*argrest != 0)
{
- uschar *hn = Ustrchr(argrest, ':');
+ uschar *hn;
+
+ if (received_protocol)
+ {
+ fprintf(stderr, "received_protocol is set already\n");
+ exit(EXIT_FAILURE);
+ }
+
+ hn = Ustrchr(argrest, ':');
if (hn == NULL)
{
received_protocol = argrest;

12
exim.spec
View File

@ -14,7 +14,7 @@
Summary: The exim mail transfer agent Summary: The exim mail transfer agent
Name: exim Name: exim
Version: 4.87.1 Version: 4.87.1
Release: 1%{?dist} Release: 2%{?dist}
License: GPLv2+ License: GPLv2+
Url: http://www.exim.org/ Url: http://www.exim.org/
Group: System Environment/Daemons Group: System Environment/Daemons
@ -62,6 +62,7 @@ Patch25: exim-4.87-dynlookup-config.patch
# Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584
Patch26: exim-4.85-pic.patch Patch26: exim-4.85-pic.patch
Patch27: exim-4.87-environment.patch Patch27: exim-4.87-environment.patch
Patch28: exim-4.87-CVE-2017-1000369.patch
Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/pki/tls/certs /etc/pki/tls/private
Requires: /etc/aliases Requires: /etc/aliases
@ -208,6 +209,7 @@ greylisting unconditional.
%patch25 -p1 -b .dynconfig %patch25 -p1 -b .dynconfig
%patch26 -p1 -b .fpic %patch26 -p1 -b .fpic
%patch27 -p1 -b .environment %patch27 -p1 -b .environment
%patch28 -p1 -b .CVE-2017-1000369
cp src/EDITME Local/Makefile cp src/EDITME Local/Makefile
sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
@ -519,7 +521,7 @@ fi
%if %{with clamav} %if %{with clamav}
%post clamav %post clamav
/bin/mkdir -p 0750 %{_var}/run/clamd.exim /bin/mkdir -pm 0750 %{_var}/run/clamd.exim
/bin/chown exim:exim %{_var}/run/clamd.exim /bin/chown exim:exim %{_var}/run/clamd.exim
/bin/touch %{_var}/log/clamd.exim /bin/touch %{_var}/log/clamd.exim
/bin/chown exim.exim %{_var}/log/clamd.exim /bin/chown exim.exim %{_var}/log/clamd.exim
@ -587,6 +589,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || :
%{_sysconfdir}/cron.daily/greylist-tidy.sh %{_sysconfdir}/cron.daily/greylist-tidy.sh
%changelog %changelog
* Fri Aug 18 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 4.87.1-2
- Fixed multiple memory leaks
Resolves: CVE-2017-1000369
- Fixed typo causing exim-clamav to create /0750 directory
Resolves: rhbz#1412028
* Sun Dec 25 2016 David Woodhouse <dwmw2@infradead.org> - 4.87.1-1 * Sun Dec 25 2016 David Woodhouse <dwmw2@infradead.org> - 4.87.1-1
- Update to 4.87.1 (CVE-2016-9963 / rhbz#1405323) - Update to 4.87.1 (CVE-2016-9963 / rhbz#1405323)