Missing DKIM fixes in Xenial (Exim 4.86)

Bug #1773529 reported by Simon Arlott
This bug affects 1 person
 Affects | Status | Importance | Assigned to | Milestone
 exim4 (Ubuntu) | Fix Released | Medium | Unassigned |
 Xenial | Invalid | Medium | Unassigned |

Bug Description

Exim is missing the following DKIM fixes, and probably many more:
https://bugs.exim.org/show_bug.cgi?id=2278
https://bugs.exim.org/show_bug.cgi?id=1721

This package is not being maintained and only receives security fixes.

It needs to either track the current Exim release or get bug fixes applied.

Applies to any critical bug fixes for DKIM between 4.86.2-2ubuntu2.3 and 4.92-7ubuntu1 that would be easily backported to 4.86.2.

 exim4 | 4.86.2-2ubuntu2 | xenial | source, all
 exim4 | 4.86.2-2ubuntu2.3 | xenial-security | source, all
 exim4 | 4.86.2-2ubuntu2.3 | xenial-updates | source, all
 exim4 | 4.90.1-1ubuntu1 | bionic | source, all
 exim4 | 4.90.1-1ubuntu1.2 | bionic-security | source, all
 exim4 | 4.90.1-1ubuntu1.2 | bionic-updates | source, all
 exim4 | 4.91-6ubuntu1 | cosmic | source, all
 exim4 | 4.91-6ubuntu1.1 | cosmic-security | source, all
 exim4 | 4.91-6ubuntu1.1 | cosmic-updates | source, all
 exim4 | 4.92-4ubuntu1 | disco | source, all
 exim4 | 4.92-4ubuntu1.1 | disco-proposed | source, all
 exim4 | 4.92-7ubuntu1 | eoan | source, all

Simon Arlott (sa.me.uk)
summary: - Missing DKIM fixes
+ Missing DKIM fixes in Xenial (Exim 4.86)
Andreas Hasenack (ahasenack) wrote :

Thanks for collecting these upstream fixes. We should definitely update xenial's exim package.

Changed in exim4 (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
tags: added: bitesize
Bryce Harrington (bryce)
Changed in exim4 (Ubuntu Xenial):
importance: Undecided → Medium
status: New → Triaged
Changed in exim4 (Ubuntu):
status: Triaged → Fix Released
summary: - Missing DKIM fixes in Xenial (Exim 4.86)
+ [SRU] Missing DKIM fixes in Xenial (Exim 4.86)
Bryce Harrington (bryce)
description: updated
Bryce Harrington (bryce)
description: updated
Bryce Harrington (bryce) wrote : Re: [SRU] Missing DKIM fixes in Xenial (Exim 4.86)

$ git log exim-4_86_2..exim-4.92 | grep -i dkim -B6 | grep ^Commit: | wc -l
122

tags: added: server-next
Rafael David Tinoco (rafaeldtinoco) wrote :

Thank you for taking the time to file a bug report.

I'm removing the server-next tag as this "SRU" does not fit its purposes. There is also a bigger issue on this bug and I'm classifying it as "Invalid" per SRU guidelines: https://wiki.ubuntu.com/StableReleaseUpdates (High Impact Bugs vs Other Safe Cases). There is currently no guideline for a big set of patches being backported to a specific version just "because", with no specific fix being tested and verified.

If you need a fix for an existing stable release, please read the SRU page: https://wiki.ubuntu.com/StableReleaseUpdates#When, then complete steps 1 through 4 of https://wiki.ubuntu.com/StableReleaseUpdates#Procedure

Note that the SRU team would need to make a final decision on accepting an SRU.

Changed in exim4 (Ubuntu Xenial):
status: Triaged → Invalid
tags: removed: bitesize server-next
Simon Arlott (sa.me.uk) wrote :

"Bugs which may, under realistic circumstances, directly cause a loss of user data"

There are critical interoperability bugs in the DKIM implementation that will cause signature validation to fail resulting in email being rejected.

tags: added: server-triage-discuss
tags: removed: server-triage-discuss
Sergio Durigan Junior (sergiodj) wrote :

Thanks for your interest in the bug, Simon.

After discussing with the team, we reached the conclusion that this request is too broad and unspecific to be completed, especially considering it affects an old Ubuntu release. Given that it involves quite a number of patches to be backported (around 122, as per Bryce's comment), it is just not feasible to do that and introduce the risk of a potential regression for all of the exim4 users in Ubuntu.

If you would like a specific failure or limitation to be addressed, we would appreciate it if you could provide instructions on how to reproduce it. We would then be able to assess the possibility of doing an SRU to address this very specific issue, which is something much easier to justify for Xenial.

If this is a really important problem for you, and if you cannot afford upgrading to a more recent Ubuntu release (where the problem has been fixed), then it may be possible to provide you a PPA with the fixes applied.

Thanks.

Bryce Harrington (bryce)
summary: - [SRU] Missing DKIM fixes in Xenial (Exim 4.86)
+ Missing DKIM fixes in Xenial (Exim 4.86)
description: updated