Ubuntu
exim4 package

Merge exim4 from Debian unstable for oracular

Bug #2064401 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
exim4 (Ubuntu)
Fix Released
Undecided
Bryce Harrington
Ubuntu ubuntu-24.05

Bug Description

Upstream: tbd
Debian: 4.97-8
Ubuntu: 4.97-4ubuntu4

Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38

### New Debian Changes ###

exim4 (4.97-8) unstable; urgency=medium

  * Pull fixes from upstream GIT master:
    + 78_35-Fix-encoding-for-AUTH-on-MAIL-FROM.patch
    + 78_37-Logging-fix-receive-time-crash-with-recipients-loggi.patch
    + 78_39-SRS-fix-encode-for-local-part-with-zero-length-quote.patch (exim
      bug #3087)

 -- Andreas Metzler <email address hidden> Sun, 07 Apr 2024 07:50:45 +0200

exim4 (4.97-7) unstable; urgency=medium

  * Pull fixes from upstream GIT master:
    + 78_30-Rewrites-fix-delivery-crash-from-constant-errors_to..patch (exim
      bug #3066)
    + 78_31-Lookups-fix-dbmnz-crash-on-zero-length-datum.-Bug-30.patch (exim
      bug #3081)
  * Update lintian overrides.

 -- Andreas Metzler <email address hidden> Mon, 01 Apr 2024 10:45:05 +0200

exim4 (4.97-6) unstable; urgency=high

  * Add b-d on libnsl-dev to fix (temporary) FTBFS. Closes: #1065107
  * Pull fixes from upstream GIT master:
    78_10-Use-non-releaseable-memory-for-regex-match-strings.-.patch
    78_11-use-dynamic-mem-for-regex_match_string.patch
    78_12-Use-non-releasable-memory-for-regex-line-buffer.patch
    78_15-regex-avoid-releasing-built-RE-midloop.patch
    78_21-Lookups-avoid-leaking-user-passwd-from-server-spec-t.patch
    78_23-Fix-crash-on-empty-oMt-argument.-Bug-3070.patch
  * 78_06, 78_07, 78_10, 78_11, 78_12 and 78_15 together Closes: #1053447

 -- Andreas Metzler <email address hidden> Fri, 01 Mar 2024 18:09:49 +0100

exim4 (4.97-5) unstable; urgency=low

  * Multiple fixes from upstream GIT master:
    + 73_Check-for-missing-commandline-arg-after-options-taki.patch (upstream
      bug #3049)
    + 76_01-Support-old-format-message_id-spoolfiles-for-mailq-b.patch
      (upstream bug #3050)
    + 76_05-Fix-periodic-queue-runs.-Bug-3046.patch (upstream bug #3046)
    + 78_01-Fix-recipient-or-source-selection-in-combination-wit.patch
      (upstream bug #3064)
    + 78_02-Eximon-handle-new-format-message-IDs.patch (upstream bug #)
    + 78_03-Lookups-log-warning-for-deprecated-syntax.-Bug-3068.patch
      (upstream bug #3068)
    + 78_04-Exinext-handle-new-format-message-IDs.patch
    + 78_05-TLS-fix-startup-after-forced-fail.patch (upstream bug #)
    + 78_06-Appendfile-release-regex-match-store-every-thousand-.patch
      (upstream bug #3047)
    + 78_07-ACL-in-regex-condition-release-store-every-thousand-.patch
      (upstream bug #3047)
    + 78_08-Fix-smtp-transport-response-to-close-after-all-rcpt-.patch
      (upstream bug #3059)

 -- Andreas Metzler <email address hidden> Sun, 28 Jan 2024 14:08:10 +0100

exim4 (4.97-4) unstable; urgency=medium

  * autopkgtest: Stop using previously deprecated swaks feature to autodetect
    whether the argument for --data was a file. This was dropped in swaks
    20240102.0.

 -- Andreas Metzler <email address hidden> Sat, 06 Jan 2024 07:48:19 +0100

exim4 (4.97-3) unstable; urgency=medium

  * Fixes from upstream GIT master:
    77_01-Reject-dot-LF-as-ending-data-phase.-Bug-3063.patch
    77_02-Use-enum-for-body-data-input-state-machine.patch
    77_03-Reject-dot-LF-as-ending-data-phase-pt.-2-.-Bug-3063.patch
    + Enforce a data synch check before emitting the 354 'go ahead'.
      Previously this was only done if a pre-data ACL was configured.
    + Refuse to accept a line 'dot, LF' as end-of-DATA unless operating in
      LF-only mode (as detected from the first header line). Previously we
      did accept that in (normal) CRLF mode; this has been raised as a
      possible attack scenario (under the name 'smtp smuggling').
    Closes: #1059387 CVE-2023-51766

 -- Andreas Metzler <email address hidden> Mon, 25 Dec 2023 07:50:16 +0100

exim4 (4.97-2) unstable; urgency=medium

  * Add 75-04-Lookups-Fix-dnsdb-lookup-of-multi-chunk-TXT.-Bug-305.patch from
    upstream git master to fix dnsdb lookup regression. (Upstream bug 3054)
  * Due to being rebuilt with a newer debhelper exim4-base.service
    and exim4-base.timer move to /usr/lib/systemd/.

 -- Andreas Metzler <email address hidden> Sat, 18 Nov 2023 13:02:52 +0100

exim4 (4.97-1) unstable; urgency=medium

  * Drop reference to QUEUEINTERVAL from conf.d/retry/30_exim4-config.
    (Thanks, Vincent Lefevre!) Closes: #1054492
  * New upstream version.
    + Update debian/copyright.

 -- Andreas Metzler <email address hidden> Sat, 04 Nov 2023 18:28:43 +0100

### Old Ubuntu Delta ###

exim4 (4.97-4ubuntu4) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 18:12:56 +0000

exim4 (4.97-4ubuntu3) noble; urgency=medium

  * No-change rebuild against libperl5.38t64

 -- Steve Langasek <email address hidden> Sat, 09 Mar 2024 18:19:06 +0000

exim4 (4.97-4ubuntu2) noble; urgency=medium

  * No-change rebuild against libdb5.3t64

 -- Steve Langasek <email address hidden> Sat, 02 Mar 2024 20:31:24 +0000

exim4 (4.97-4ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2051408). Remaining changes:
    - Show Ubuntu distribution in SMTP banner
      + d/p/fix_smtp_banner.patch: Show Ubuntu distribution
        in SMTP banner.
      + d/control: Build-Depends on lsb-release to detect Distribution.
     - Disable external SPF support to avoid Build-Depends on libspf2-dev
       (only available in universe). SPF can still be implemented via
       spf-tools-perl, as documented in exim4.conf.template. This reverts
       Vcs-Git commit 494f1fe, first released in 4.95~RC0-1.
       (LP #1952738)
       + d/control: drop Build-Depends on libspf2-dev.
       + d/EDITME.exim4-heavy.diff: disable support for libspf2.
       + d/d/c/a/30_exim4-config_check_rcpt: restore SPF logic based
         on spfquery.mail-spf-perl from spf-tools-perl, but without
         the previously supported helo detection.

 -- Bryce Harrington <email address hidden> Fri, 26 Jan 2024 17:11:37 -0800

Related branches

~bryce/ubuntu/+source/exim4:merge-v4.97-8-oracular
git-ubuntu bot: Approve
Andreas Hasenack: Approve
Canonical Server Reporter: Pending requested
Canonical Server packageset reviewers: Pending requested
Canonical Server Core Reviewers: Pending requested
Diff: 1825 lines (+1262/-20)
6 files modified
debian/EDITME.exim4-heavy.diff (+0/-12)
debian/changelog (+1176/-0)
debian/control (+3/-2)
debian/debconf/conf.d/acl/30_exim4-config_check_rcpt (+27/-6)
debian/patches/fix_smtp_banner.patch (+55/-0)
debian/patches/series (+1/-0)
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu):
milestone: none → ubuntu-24.07
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu):
milestone: ubuntu-24.07 → ubuntu-24.06
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu):
milestone: ubuntu-24.06 → ubuntu-24.05
status: New → In Progress
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.2 KiB)

This bug was fixed in the package exim4 - 4.97-8ubuntu1

---------------
exim4 (4.97-8ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2064401). Remaining changes:
    - Show Ubuntu distribution in SMTP banner
      + d/p/fix_smtp_banner.patch: Show Ubuntu distribution
        in SMTP banner.
      + d/control: Build-Depends on lsb-release to detect Distribution.
     - Disable external SPF support to avoid Build-Depends on libspf2-dev
       (only available in universe). SPF can still be implemented via
       spf-tools-perl, as documented in exim4.conf.template. This reverts
       Vcs-Git commit 494f1fe, first released in 4.95~RC0-1.
       (LP #1952738)
       + d/control: drop Build-Depends on libspf2-dev.
       + d/EDITME.exim4-heavy.diff: disable support for libspf2.
       + d/d/c/a/30_exim4-config_check_rcpt: restore SPF logic based
         on spfquery.mail-spf-perl from spf-tools-perl, but without
         the previously supported helo detection.

exim4 (4.97-8) unstable; urgency=medium

  * Pull fixes from upstream GIT master:
    + 78_35-Fix-encoding-for-AUTH-on-MAIL-FROM.patch
    + 78_37-Logging-fix-receive-time-crash-with-recipients-loggi.patch
    + 78_39-SRS-fix-encode-for-local-part-with-zero-length-quote.patch (exim
      bug #3087)

exim4 (4.97-7) unstable; urgency=medium

  * Pull fixes from upstream GIT master:
    + 78_30-Rewrites-fix-delivery-crash-from-constant-errors_to..patch (exim
      bug #3066)
    + 78_31-Lookups-fix-dbmnz-crash-on-zero-length-datum.-Bug-30.patch (exim
      bug #3081)
  * Update lintian overrides.

exim4 (4.97-6) unstable; urgency=high

  * Add b-d on libnsl-dev to fix (temporary) FTBFS. Closes: #1065107
  * Pull fixes from upstream GIT master:
    78_10-Use-non-releaseable-memory-for-regex-match-strings.-.patch
    78_11-use-dynamic-mem-for-regex_match_string.patch
    78_12-Use-non-releasable-memory-for-regex-line-buffer.patch
    78_15-regex-avoid-releasing-built-RE-midloop.patch
    78_21-Lookups-avoid-leaking-user-passwd-from-server-spec-t.patch
    78_23-Fix-crash-on-empty-oMt-argument.-Bug-3070.patch
  * 78_06, 78_07, 78_10, 78_11, 78_12 and 78_15 together Closes: #1053447

exim4 (4.97-5) unstable; urgency=low

  * Multiple fixes from upstream GIT master:
    + 73_Check-for-missing-commandline-arg-after-options-taki.patch (upstream
      bug #3049)
    + 76_01-Support-old-format-message_id-spoolfiles-for-mailq-b.patch
      (upstream bug #3050)
    + 76_05-Fix-periodic-queue-runs.-Bug-3046.patch (upstream bug #3046)
    + 78_01-Fix-recipient-or-source-selection-in-combination-wit.patch
      (upstream bug #3064)
    + 78_02-Eximon-handle-new-format-message-IDs.patch (upstream bug #)
    + 78_03-Lookups-log-warning-for-deprecated-syntax.-Bug-3068.patch
      (upstream bug #3068)
    + 78_04-Exinext-handle-new-format-message-IDs.patch
    + 78_05-TLS-fix-startup-after-forced-fail.patch (upstream bug #)
    + 78_06-Appendfile-release-regex-match-store-every-thousand-.patch
      (upstream bug #3047)
    + 78_07-ACL-in-regex-condition-release-store-every-thousand-.patch
      (upstream bug #3047)
    + 78_08-Fix-smtp-transport-response-to-close-after-all-rcpt-.patch...

Read more...

Changed in exim4 (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.