Fixed dec64table OOB read in b64decode

exim-4.90.1-dec64table-read-fix.patch

@@ -0,0 +1,16 @@
+diff --git a/src/base64.c b/src/src/base64.c
+index dbbd6a4..e63522e 100644
+--- a/src/base64.c
++++ b/src/base64.c
+@@ -173,7 +173,7 @@ while ((x = *code++) != 0)
+ 
+   while (isspace(y = *code++)) ;
+   /* debug_printf("b64d: '%c'\n", y); */
+-  if (y == 0 || (y = dec64table[y]) == 255)
++  if (y > 127 || (y = dec64table[y]) == 255)
+     return -1;
+ 
+   *result++ = (x << 2) | (y >> 4);
+-- 
+1.9.1
+

exim.spec

@@ -14,7 +14,7 @@
 Summary: The exim mail transfer agent
 Name: exim
 Version: 4.90.1
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2+
 Url: http://www.exim.org/
 Group: System Environment/Daemons
@@ -61,6 +61,7 @@ Patch23: exim-4.90.1-smarthost-config.patch
 Patch25: exim-4.90.1-dynlookup-config.patch
 Patch26: exim-4.85-pic.patch
 Patch27: exim-4.90.1-environment.patch
+Patch28: exim-4.90.1-dec64table-read-fix.patch
 
 Requires: /etc/pki/tls/certs /etc/pki/tls/private
 Requires: /etc/aliases
@@ -208,6 +209,8 @@ greylisting unconditional.
 %patch25 -p1 -b .dynconfig
 %patch26 -p1 -b .fpic
 %patch27 -p1 -b .environment
+# Backported from upstream
+%patch28 -p1 -b .dec64table-read-fix
 
 cp src/EDITME Local/Makefile
 sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
@@ -588,6 +591,9 @@ test "$1"  = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || :
 %{_sysconfdir}/cron.daily/greylist-tidy.sh
 
 %changelog
+* Wed Mar 14 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 4.90.1-3
+- Fixed dec64table OOB read in b64decode
+
 * Fri Feb 16 2018 Jaroslav Škarvada <jskarvad@redhat.com> - 4.90.1-2
 - Fixed mysql module