Regression in 4.71-3ubuntu1.1 (lucid) when using macros
Bug #721108 reported by
Oliver Siegmar
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
exim4 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: exim4
exim4 4.71-3ubuntu1.1 (using lucid) completely stopped our mail server working, because we have three queues -DINCOMING, -DOUTGOING and the default one (no -D). Is there any way to configure a whitelist for -D switches (not the WHITELIST_D_MACROS compile time option)?
summary: |
- Regression in 4.71-3ubuntu1.1 when using macros + Regression in 4.71-3ubuntu1.1 (lucid) when using macros |
description: | updated |
To post a comment you must log in.
Unfortunately, this is the way upstream Exim has decided to fix the security issue. Use of macros is no longer supported. Even the WHITELIST_D_MACROS compile time option is just temporary and will be removed in later versions.
Here is a extract from the new EDITME file that has some information:
# By contrast, you might be maintaining a system which relies upon the ability CONFIG_ LIST.
# to override values with -D and assumes that these will be passed through to
# the delivery processes. As of Exim 4.73, this is no longer the case by
# default. Going forward, we strongly recommend that you use a shim Exim
# configuration file owned by root stored under TRUSTED_
# That shim can set macros before .include'ing your main configuration file.
In other words, for each macro that you used to be using, you should create a new configuration file that includes the main configuration file. These configuration files should be set as "trusted" by being listed in /etc/exim4/ trusted_ configs.
We apologize for the inconvenience.