parent
0b307bc6ad
commit
abd09da2d4
|
@ -0,0 +1,41 @@
|
||||||
|
diff --git a/src/receive.c b/src/receive.c
|
||||||
|
index 3246621..f19c8b9 100644
|
||||||
|
--- a/src/receive.c
|
||||||
|
+++ b/src/receive.c
|
||||||
|
@@ -1827,7 +1827,7 @@ for (;;)
|
||||||
|
prevent further reading), and break out of the loop, having freed the
|
||||||
|
empty header, and set next = NULL to indicate no data line. */
|
||||||
|
|
||||||
|
- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
|
||||||
|
+ if (ptr == 0 && ch == '.' && dot_ends)
|
||||||
|
{
|
||||||
|
ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
|
||||||
|
if (ch == '\r')
|
||||||
|
diff --git a/src/smtp_in.c b/src/smtp_in.c
|
||||||
|
index 1b45f84..0207540 100644
|
||||||
|
--- a/src/smtp_in.c
|
||||||
|
+++ b/src/smtp_in.c
|
||||||
|
@@ -4955,16 +4955,23 @@ while (done <= 0)
|
||||||
|
DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n",
|
||||||
|
(int)chunking_state, chunking_data_left);
|
||||||
|
|
||||||
|
+ /* push the current receive_* function on the "stack", and
|
||||||
|
+ replace them by bdat_getc(), which in turn will use the lwr_receive_*
|
||||||
|
+ functions to do the dirty work. */
|
||||||
|
lwr_receive_getc = receive_getc;
|
||||||
|
lwr_receive_ungetc = receive_ungetc;
|
||||||
|
+
|
||||||
|
receive_getc = bdat_getc;
|
||||||
|
receive_ungetc = bdat_ungetc;
|
||||||
|
|
||||||
|
+ dot_ends = FALSE;
|
||||||
|
+
|
||||||
|
goto DATA_BDAT;
|
||||||
|
}
|
||||||
|
|
||||||
|
case DATA_CMD:
|
||||||
|
HAD(SCH_DATA);
|
||||||
|
+ dot_ends = TRUE;
|
||||||
|
|
||||||
|
DATA_BDAT: /* Common code for DATA and BDAT */
|
||||||
|
if (!discarded && recipients_count <= 0)
|
10
exim.spec
10
exim.spec
|
@ -14,7 +14,7 @@
|
||||||
Summary: The exim mail transfer agent
|
Summary: The exim mail transfer agent
|
||||||
Name: exim
|
Name: exim
|
||||||
Version: 4.89
|
Version: 4.89
|
||||||
Release: 8%{?dist}
|
Release: 9%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Url: http://www.exim.org/
|
Url: http://www.exim.org/
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
|
@ -69,7 +69,10 @@ Patch28: exim-4.89-CVE-2017-1000369.patch
|
||||||
# https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b
|
# https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b
|
||||||
Patch29: exim-4.89-calloutsize.patch
|
Patch29: exim-4.89-calloutsize.patch
|
||||||
Patch30: exim-4.89-mariadb-macro-fix.patch
|
Patch30: exim-4.89-mariadb-macro-fix.patch
|
||||||
|
# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2199
|
||||||
Patch31: exim-4.89-CVE-2017-16943.patch
|
Patch31: exim-4.89-CVE-2017-16943.patch
|
||||||
|
# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2201
|
||||||
|
Patch32: exim-4.89-CVE-2017-16944.patch
|
||||||
|
|
||||||
Requires: /etc/pki/tls/certs /etc/pki/tls/private
|
Requires: /etc/pki/tls/certs /etc/pki/tls/private
|
||||||
Requires: /etc/aliases
|
Requires: /etc/aliases
|
||||||
|
@ -220,6 +223,7 @@ greylisting unconditional.
|
||||||
%patch29 -p1 -b .calloutsize
|
%patch29 -p1 -b .calloutsize
|
||||||
%patch30 -p1 -b .mariadb-macro-fix
|
%patch30 -p1 -b .mariadb-macro-fix
|
||||||
%patch31 -p1 -b .CVE-2017-16943
|
%patch31 -p1 -b .CVE-2017-16943
|
||||||
|
%patch32 -p1 -b .CVE-2017-16944
|
||||||
|
|
||||||
cp src/EDITME Local/Makefile
|
cp src/EDITME Local/Makefile
|
||||||
sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
|
sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
|
||||||
|
@ -600,6 +604,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || :
|
||||||
%{_sysconfdir}/cron.daily/greylist-tidy.sh
|
%{_sysconfdir}/cron.daily/greylist-tidy.sh
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Dec 1 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 4.89-9
|
||||||
|
- Fixed denial of service
|
||||||
|
Resolves: CVE-2017-16944
|
||||||
|
|
||||||
* Thu Nov 30 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 4.89-8
|
* Thu Nov 30 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 4.89-8
|
||||||
- Dropped tcp_wrappers support
|
- Dropped tcp_wrappers support
|
||||||
Resolves: rhbz#1518763
|
Resolves: rhbz#1518763
|
||||||
|
|
Loading…
Reference in New Issue