Bug 240362 - mail/exim: Update to 4.92.2 (Fixes CVE-2019-15846)
Summary: mail/exim: Update to 4.92.2 (Fixes CVE-2019-15846)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Vsevolod Stakhov
URL: https://git.exim.org/exim.git/blob/26...
Keywords: security
Depends on:
Blocks:
 
Reported: 2019-09-06 10:20 UTC by Pascal Christen
Modified: 2019-09-06 12:59 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (vsevolod)
koobs: merge-quarterly?


Attachments
Patch for update (867 bytes, patch)
2019-09-06 10:22 UTC, Pascal Christen
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Pascal Christen 2019-09-06 10:22:54 UTC
Created attachment 207224 [details]
Patch for update
Comment 2 commit-hook freebsd_committer freebsd_triage 2019-09-06 10:26:55 UTC
A commit references this bug:

Author: vsevolod
Date: Fri Sep  6 10:26:50 UTC 2019
New revision: 511291
URL: https://svnweb.freebsd.org/changeset/ports/511291

Log:
  - Fix just another awful RCE in Exim: CVE-2019-15846

  PR:		240362
  Submitted by:	Pascal Christen <pascal.christen hostpoint.ch>
  MFH:		2019Q3

Changes:
  head/mail/exim/Makefile
  head/mail/exim/distinfo
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2019-09-06 10:36:24 UTC
Pending VuXML entry and MFH
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2019-09-06 10:37:58 UTC
VuXML entry added in ports r511293
Comment 5 Vsevolod Stakhov freebsd_committer freebsd_triage 2019-09-06 10:38:09 UTC
VuXML entry is added. MFH request is in the ports-secteam@ work queue.
Comment 6 commit-hook freebsd_committer freebsd_triage 2019-09-06 12:50:12 UTC
A commit references this bug:

Author: vsevolod
Date: Fri Sep  6 12:49:44 UTC 2019
New revision: 511315
URL: https://svnweb.freebsd.org/changeset/ports/511315

Log:
  MFH: r511291

  - Fix just another awful RCE in Exim: CVE-2019-15846

  PR:		240362
  Submitted by:	Pascal Christen <pascal.christen hostpoint.ch>
  Security:	61db9b88-d091-11e9-8d41-97657151f8c2

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2019Q3/
  branches/2019Q3/mail/exim/Makefile
  branches/2019Q3/mail/exim/distinfo
Comment 7 Vsevolod Stakhov freebsd_committer freebsd_triage 2019-09-06 12:59:16 UTC
All done, thank you for the report!