Attachment #245412 for bug #274235

Lines 1-6 Link Here

(-)b/mail/exim/Makefile (-2 / +2 lines)
1	PORTNAME= exim	1	PORTNAME= exim
2	PORTVERSION?= ${EXIM_VERSION}	2	PORTVERSION?= ${EXIM_VERSION}
3	PORTREVISION?= 1	3	PORTREVISION?= 0
4	CATEGORIES= mail	4	CATEGORIES= mail
5	MASTER_SITES= EXIM:exim	5	MASTER_SITES= EXIM:exim
6	MASTER_SITE_SUBDIR= /exim4/:exim \	6	MASTER_SITE_SUBDIR= /exim4/:exim \
Lines 130-136 EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.c Link Here
130	EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.conf	130	EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.conf
131	.endif	131	.endif
132		132
133	EXIM_VERSION= 4.96	133	EXIM_VERSION= 4.96.1
134	SA_EXIM_VERSION=4.2.1	134	SA_EXIM_VERSION=4.2.1
135	EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink"	135	EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink"
136	EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name '74_*.patch'\|${SORT} -h`	136	EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name '74_*.patch'\|${SORT} -h`

Lines 1-5 Link Here

(-)b/mail/exim/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1681024359	1	TIMESTAMP = 1696250210
2	SHA256 (exim/exim-4.96.tar.bz2) = c7a413fec601cc44a8f5fe9e5b64cb24a7d133f3a4a976f33741d98ff0ec6b91	2	SHA256 (exim/exim-4.96.1.tar.bz2) = 26bbcd4f45483c7138912b4bd31022aee8abf8ac7cdff55839d7e2a9e4c60692
3	SIZE (exim/exim-4.96.tar.bz2) = 2047632	3	SIZE (exim/exim-4.96.1.tar.bz2) = 2048927
4	SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1	4	SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1
5	SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933	5	SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933




Subject: [PATCH] Fix exit on attempt to rewrite a malformed address.  Bug 2903

---
 doc/ChangeLog        |   5 +
 src/rewrite.c            |   9 +-
 test/confs/0471              |   7 +
 test/log/0471                |   5 +

 test/stderr/0471             | 245 ++++++++++++++++++++++++++++++++++-
 6 files changed, 267 insertions(+), 8 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,9 +1,14 @@
 This document describes *changes* to previous versions, that might
 affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
+JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
+      Make the rewrite never match and keep the logging.  Trust the
+      admin to be using verify=header-syntax (to actually reject the message).
+
+
 Exim version 4.96
 -----------------
 
 JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
       after reception to before a subsequent reception.  This should
--- a/src/rewrite.c
+++ b/src/rewrite.c
@@ -493,19 +493,18 @@




Subject: [PATCH] Fix $regex<n> use-after-free.  Bug 2915

---
 doc/ChangeLog           |  8 +++++++-
 src/exim.c                  |  4 +---
 src/expand.c                |  2 +-
 src/functions.h             |  1 +

 src/smtp_in.c               |  2 ++
 7 files changed, 55 insertions(+), 17 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -4,15 +4,21 @@
 
 JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
       Make the rewrite never match and keep the logging.  Trust the
       admin to be using verify=header-syntax (to actually reject the message).
 
+JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
+      more than one message arrived in a single connection a reference from
+      the earlier message could be re-used.  Often a sigsegv resulted.
+      These variables were introduced in Exim 4.87.
+      Debug help from Graeme Fowler.
+
 
 Exim version 4.96
 -----------------
 
-JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
+JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
       after reception to before a subsequent reception.  This should
       mean slightly faster delivery, and also confirmation of reception
       to senders.
 
 JH/02 Move from using the pcre library to pcre2.  The former is no longer
--- a/src/exim.c
+++ b/src/exim.c
@@ -1999,12 +1999,10 @@




Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions

---
 doc/ChangeLog              |  3 +++
 src/tls-gnu.c                  |  3 ++-
 src/tls-openssl.c              | 39 +++++++++++++++---------------
 test/confs/2091                    |  1 +

 create mode 100644 test/scripts/2090-GnuTLS-ALPN/2091
 create mode 100644 test/stdout/2091

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -10,10 +10,14 @@
       more than one message arrived in a single connection a reference from
       the earlier message could be re-used.  Often a sigsegv resulted.
       These variables were introduced in Exim 4.87.
       Debug help from Graeme Fowler.
 
+JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
+      Find and fix by Jasen Betts.
+
+
 
 Exim version 4.96
 -----------------
 
 JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
--- a/src/tls-gnu.c
+++ b/src/tls-gnu.c
@@ -1130,12 +1130,13 @@




Subject: [PATCH 1/2] Fix: Build with libopendmarc 1.4.x (fixes 2728)

---
 doc/ChangeLog     | 3 +++
 src/EDITME            | 7 +++++--
 src/config.h.defaults | 1 +
 src/dmarc.c           | 7 ++++++-
 4 files changed, 15 insertions(+), 3 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -13,10 +13,13 @@
       Debug help from Graeme Fowler.
 
 JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
       Find and fix by Jasen Betts.
 
+HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
+      API changes in libopendmarc.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/EDITME
+++ b/src/EDITME
@@ -600,18 +600,21 @@





Broken-by: 7d5055276a
---
 doc/ChangeLog | 4 ++++
 src/daemon.c      | 8 ++++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -16,10 +16,14 @@
       Find and fix by Jasen Betts.
 
 HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
       API changes in libopendmarc.
 
+JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
+      pid 1, in the normal "background daemon" mode, having to drop process-
+      group leadership also lost track of needing to create listener sockets.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1744,19 +1744,23 @@





Broken-by: cfe6acff2d
---
 doc/ChangeLog | 3 +++
 src/transport.c   | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -20,10 +20,13 @@
 
 JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
       pid 1, in the normal "background daemon" mode, having to drop process-
       group leadership also lost track of needing to create listener sockets.
 
+JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
+      resulted in the variable appearing empty.  Find and fix by Ruben Jenster.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/transport.c
+++ b/src/transport.c
@@ -2342,13 +2342,14 @@





broken-by: 59d66fdc13f0
---
 doc/ChangeLog | 5 +++++
 src/exim.c        | 2 ++
 src/malware.c     | 3 +++
 src/regex.c       | 2 +-
 4 files changed, 11 insertions(+), 1 deletion(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -22,10 +22,15 @@
       pid 1, in the normal "background daemon" mode, having to drop process-
       group leadership also lost track of needing to create listener sockets.
 
 JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
       resulted in the variable appearing empty.  Find and fix by Ruben Jenster.
+ 
+JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
+      a capture group which obtained no text (eg. "(abc)*" matching zero
+      occurrences) could cause a segfault if the corresponding $<n> was
+      expanded.
 
 
 
 Exim version 4.96
 -----------------
--- a/src/exim.c
+++ b/src/exim.c
@@ -167,10 +167,12 @@





Broken-by: d12746bc15d8
---
 doc/ChangeLog        |  5 +++++
 src/log.c                |  7 ++++---
 test/confs/0633              | 21 ++++++++++++++++++++
 test/scripts/0000-Basic/0633 |  9 +++++++++

 create mode 100644 test/stderr/0633
 create mode 100644 test/stdout/0633

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -28,10 +28,15 @@ JH/13 Bug 2929: Fix using $recipients af
 JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
       a capture group which obtained no text (eg. "(abc)*" matching zero
       occurrences) could cause a segfault if the corresponding $<n> was
       expanded.
 
+JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
+      was exactly sized compared to the log buffer, a crash occurred with the
+      misleading message "bad memory reference; pool not found".
+      Found and traced by Jasen Betts.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/log.c
+++ b/src/log.c
@@ -803,11 +803,11 @@ Returns:    nothing




Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911

---
 doc/ChangeLog        |  8 +++++
 src/dns.c                | 12 ++++++++
 test/confs/2202              | 18 +++++++++--
 test/scripts/2200-dnsdb/2202 |  8 +++++

 test/stdout/2202             |  8 +++++
 6 files changed, 108 insertions(+), 4 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -33,10 +33,18 @@ JH/14 Bug 2933: Fix regex substring matc
 JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
       was exactly sized compared to the log buffer, a crash occurred with the
       misleading message "bad memory reference; pool not found".
       Found and traced by Jasen Betts.
 
+JH/19 Bug 2911: Fix a recursion in DNS lookups.  Previously, if the main option
+      dns_again_means_nonexist included an element causing a DNS lookup which
+      iteslf returned DNS_AGAIN, unbounded recursion occurred.  Possible results
+      included (though probably not limited to) a process crash from stack
+      memory limit, or from excessive open files.  Replace this with a paniclog
+      whine (as this is likely a configuration error), and returning
+      DNS_NOMATCH.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/dns.c
+++ b/src/dns.c
@@ -799,10 +799,11 @@ int




 2954

---
 doc/ChangeLog          |  4 +++
 src/tls-openssl.c          | 39 ++++++++++++++----------
 test/confs/2148                | 54 ++++++++++++++++++++++++++++++++++
 test/confs/2149                | 39 +++++++++++++-----------

 create mode 100644 test/scripts/2100-OpenSSL/2148
 create mode 100644 test/stderr/2148

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -41,10 +41,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
       included (though probably not limited to) a process crash from stack
       memory limit, or from excessive open files.  Replace this with a paniclog
       whine (as this is likely a configuration error), and returning
       DNS_NOMATCH.
 
+JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
+      this always failed, probably leading to the usual downgrade to in-clear
+      connections.
+
 
 
 Exim version 4.96
 -----------------
 
--- a/src/tls-openssl.c
+++ b/src/tls-openssl.c
@@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits)




 results of TRY_AGAIN

---
 doc/doc-docbook/spec.xfpt |  7 ++++++-
 doc/ChangeLog     |  4 ++++
 src/dns.c             | 35 ++++++++++++++++++++++-------------
 doc/doc-docbook/spec.xfpt |  7 ++++++-
 3 files changed, 32 insertions(+), 14 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -46,10 +46,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
 JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
       this always failed, probably leading to the usual downgrade to in-clear
       connections.
 
 
+JH/20 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
+      SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
+      to not checking that list for these looks.
+
 
 Exim version 4.96
 -----------------
 
 JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
--- a/src/dns.c
+++ b/src/dns.c
@@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno





Broken-by: 1058096b8c53
---
 doc/ChangeLog | 4 ++++
 src/expand.c      | 9 +++++----
 test/stderr/0630      | 1 +
 3 files changed, 10 insertions(+), 4 deletions(-)

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -50,10 +50,14 @@ JH/20 Bug 2954: (OpenSSL) Fix setting of
 
 JH/20 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
       SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
       to not checking that list for these looks.
 
+JH/23 Fix crash in string expansions. Previously, if an empty variable was
+      immediately followed by an expansion operator, a null-indirection read
+      was done, killing the process.
+
 
 Exim version 4.96
 -----------------
 
 JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
--- a/src/expand.c
+++ b/src/expand.c
@@ -4652,11 +4652,11 @@ while (*s)

Return to bug 274235

Lines 4-10 Date: Tue, 12 Jul 2022 22:14:04 +0100 Link Here

(-)b/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch (-18 lines)
4	Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903	4	Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903
5		5
6	---	6	---
7	doc/ChangeLog \| 5 +
8	src/rewrite.c \| 9 +-	7	src/rewrite.c \| 9 +-
9	test/confs/0471 \| 7 +	8	test/confs/0471 \| 7 +
10	test/log/0471 \| 5 +	9	test/log/0471 \| 5 +
Lines 12-34 Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903 Link Here
12	test/stderr/0471 \| 245 ++++++++++++++++++++++++++++++++++-	11	test/stderr/0471 \| 245 ++++++++++++++++++++++++++++++++++-
13	6 files changed, 267 insertions(+), 8 deletions(-)	12	6 files changed, 267 insertions(+), 8 deletions(-)
14		13
15	--- a/doc/ChangeLog
16	+++ b/doc/ChangeLog
17	@@ -1,9 +1,14 @@
18	This document describes changes to previous versions, that might
19	affect Exim's operation, with an unchanged configuration file. For new
20	options, and new features, see the NewStuff file next to this ChangeLog.
21
22	+JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
23	+ Make the rewrite never match and keep the logging. Trust the
24	+ admin to be using verify=header-syntax (to actually reject the message).
25	+
26	+
27	Exim version 4.96
28	-----------------
29
30	JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
31	after reception to before a subsequent reception. This should
32	--- a/src/rewrite.c	14	--- a/src/rewrite.c
33	+++ b/src/rewrite.c	15	+++ b/src/rewrite.c
34	@@ -493,19 +493,18 @@	16	@@ -493,19 +493,18 @@

Lines 4-10 Date: Wed, 31 Aug 2022 15:37:40 +0100 Link Here

(-)b/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch (-26 lines)
4	Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915	4	Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915
5		5
6	---	6	---
7	doc/ChangeLog \| 8 +++++++-
8	src/exim.c \| 4 +---	7	src/exim.c \| 4 +---
9	src/expand.c \| 2 +-	8	src/expand.c \| 2 +-
10	src/functions.h \| 1 +	9	src/functions.h \| 1 +
Lines 13-43 Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915 Link Here
13	src/smtp_in.c \| 2 ++	12	src/smtp_in.c \| 2 ++
14	7 files changed, 55 insertions(+), 17 deletions(-)	13	7 files changed, 55 insertions(+), 17 deletions(-)
15		14
16	--- a/doc/ChangeLog
17	+++ b/doc/ChangeLog
18	@@ -4,15 +4,21 @@
19
20	JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
21	Make the rewrite never match and keep the logging. Trust the
22	admin to be using verify=header-syntax (to actually reject the message).
23
24	+JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
25	+ more than one message arrived in a single connection a reference from
26	+ the earlier message could be re-used. Often a sigsegv resulted.
27	+ These variables were introduced in Exim 4.87.
28	+ Debug help from Graeme Fowler.
29	+
30
31	Exim version 4.96
32	-----------------
33
34	-JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
35	+JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
36	after reception to before a subsequent reception. This should
37	mean slightly faster delivery, and also confirmation of reception
38	to senders.
39
40	JH/02 Move from using the pcre library to pcre2. The former is no longer
41	--- a/src/exim.c	15	--- a/src/exim.c
42	+++ b/src/exim.c	16	+++ b/src/exim.c
43	@@ -1999,12 +1999,10 @@	17	@@ -1999,12 +1999,10 @@

Lines 4-10 Date: Fri, 30 Sep 2022 13:49:41 +0100 Link Here

(-)b/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch (-18 lines)
4	Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions	4	Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions
5		5
6	---	6	---
7	doc/ChangeLog \| 3 +++
8	src/tls-gnu.c \| 3 ++-	7	src/tls-gnu.c \| 3 ++-
9	src/tls-openssl.c \| 39 +++++++++++++++---------------	8	src/tls-openssl.c \| 39 +++++++++++++++---------------
10	test/confs/2091 \| 1 +	9	test/confs/2091 \| 1 +
Lines 17-39 Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions Link Here
17	create mode 100644 test/scripts/2090-GnuTLS-ALPN/2091	16	create mode 100644 test/scripts/2090-GnuTLS-ALPN/2091
18	create mode 100644 test/stdout/2091	17	create mode 100644 test/stdout/2091
19		18
20	--- a/doc/ChangeLog
21	+++ b/doc/ChangeLog
22	@@ -10,10 +10,14 @@
23	more than one message arrived in a single connection a reference from
24	the earlier message could be re-used. Often a sigsegv resulted.
25	These variables were introduced in Exim 4.87.
26	Debug help from Graeme Fowler.
27
28	+JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
29	+ Find and fix by Jasen Betts.
30	+
31	+
32
33	Exim version 4.96
34	-----------------
35
36	JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
37	--- a/src/tls-gnu.c	19	--- a/src/tls-gnu.c
38	+++ b/src/tls-gnu.c	20	+++ b/src/tls-gnu.c
39	@@ -1130,12 +1130,13 @@	21	@@ -1130,12 +1130,13 @@

Lines 4-31 Date: Sat, 15 Oct 2022 19:30:58 +0200 Link Here

(-)b/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch (-17 lines)
4	Subject: [PATCH 1/2] Fix: Build with libopendmarc 1.4.x (fixes 2728)	4	Subject: [PATCH 1/2] Fix: Build with libopendmarc 1.4.x (fixes 2728)
5		5
6	---	6	---
7	doc/ChangeLog \| 3 +++
8	src/EDITME \| 7 +++++--	7	src/EDITME \| 7 +++++--
9	src/config.h.defaults \| 1 +	8	src/config.h.defaults \| 1 +
10	src/dmarc.c \| 7 ++++++-	9	src/dmarc.c \| 7 ++++++-
11	4 files changed, 15 insertions(+), 3 deletions(-)	10	4 files changed, 15 insertions(+), 3 deletions(-)
12		11
13	--- a/doc/ChangeLog
14	+++ b/doc/ChangeLog
15	@@ -13,10 +13,13 @@
16	Debug help from Graeme Fowler.
17
18	JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
19	Find and fix by Jasen Betts.
20
21	+HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
22	+ API changes in libopendmarc.
23	+
24
25
26	Exim version 4.96
27	-----------------
28
29	--- a/src/EDITME	12	--- a/src/EDITME
30	+++ b/src/EDITME	13	+++ b/src/EDITME
31	@@ -600,18 +600,21 @@	14	@@ -600,18 +600,21 @@

Lines 5-31 Subject: [PATCH 1/2] Fix daemon startup. Bug 2930 Link Here

(-)b/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch (-18 lines)
5		5
6	Broken-by: 7d5055276a	6	Broken-by: 7d5055276a
7	---	7	---
8	doc/ChangeLog \| 4 ++++
9	src/daemon.c \| 8 ++++++--	8	src/daemon.c \| 8 ++++++--
10	2 files changed, 10 insertions(+), 2 deletions(-)	9	2 files changed, 10 insertions(+), 2 deletions(-)
11		10
12	--- a/doc/ChangeLog
13	+++ b/doc/ChangeLog
14	@@ -16,10 +16,14 @@
15	Find and fix by Jasen Betts.
16
17	HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
18	API changes in libopendmarc.
19
20	+JH/12 Bug 2930: Fix daemon startup. When started from any process apart from
21	+ pid 1, in the normal "background daemon" mode, having to drop process-
22	+ group leadership also lost track of needing to create listener sockets.
23	+
24
25
26	Exim version 4.96
27	-----------------
28
29	--- a/src/daemon.c	11	--- a/src/daemon.c
30	+++ b/src/daemon.c	12	+++ b/src/daemon.c
31	@@ -1744,19 +1744,23 @@	13	@@ -1744,19 +1744,23 @@

Lines 5-30 Subject: [PATCH 2/2] Fix $reccipients after ${run...}. Bug 2929 Link Here

(-)b/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch (-17 lines)
5		5
6	Broken-by: cfe6acff2d	6	Broken-by: cfe6acff2d
7	---	7	---
8	doc/ChangeLog \| 3 +++
9	src/transport.c \| 3 ++-	8	src/transport.c \| 3 ++-
10	2 files changed, 5 insertions(+), 1 deletion(-)	9	2 files changed, 5 insertions(+), 1 deletion(-)
11		10
12	--- a/doc/ChangeLog
13	+++ b/doc/ChangeLog
14	@@ -20,10 +20,13 @@
15
16	JH/12 Bug 2930: Fix daemon startup. When started from any process apart from
17	pid 1, in the normal "background daemon" mode, having to drop process-
18	group leadership also lost track of needing to create listener sockets.
19
20	+JH/13 Bug 2929: Fix using $recipients after ${run...}. A change made for 4.96
21	+ resulted in the variable appearing empty. Find and fix by Ruben Jenster.
22	+
23
24
25	Exim version 4.96
26	-----------------
27
28	--- a/src/transport.c	11	--- a/src/transport.c
29	+++ b/src/transport.c	12	+++ b/src/transport.c
30	@@ -2342,13 +2342,14 @@	13	@@ -2342,13 +2342,14 @@

Lines 6-35 Subject: [PATCH 1/2] Fix regext substring capture variables for null matches. Link Here

(-)b/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch (-19 lines)
6		6
7	broken-by: 59d66fdc13f0	7	broken-by: 59d66fdc13f0
8	---	8	---
9	doc/ChangeLog \| 5 +++++
10	src/exim.c \| 2 ++	9	src/exim.c \| 2 ++
11	src/malware.c \| 3 +++	10	src/malware.c \| 3 +++
12	src/regex.c \| 2 +-	11	src/regex.c \| 2 +-
13	4 files changed, 11 insertions(+), 1 deletion(-)	12	4 files changed, 11 insertions(+), 1 deletion(-)
14		13
15	--- a/doc/ChangeLog
16	+++ b/doc/ChangeLog
17	@@ -22,10 +22,15 @@
18	pid 1, in the normal "background daemon" mode, having to drop process-
19	group leadership also lost track of needing to create listener sockets.
20
21	JH/13 Bug 2929: Fix using $recipients after ${run...}. A change made for 4.96
22	resulted in the variable appearing empty. Find and fix by Ruben Jenster.
23	+
24	+JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
25	+ a capture group which obtained no text (eg. "(abc)*" matching zero
26	+ occurrences) could cause a segfault if the corresponding $<n> was
27	+ expanded.
28
29
30
31	Exim version 4.96
32	-----------------
33	--- a/src/exim.c	14	--- a/src/exim.c
34	+++ b/src/exim.c	15	+++ b/src/exim.c
35	@@ -167,10 +167,12 @@	16	@@ -167,10 +167,12 @@

Lines 5-11 Subject: [PATCH] Fix logging of max-size log line Link Here

(-)b/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch (-19 lines)
5		5
6	Broken-by: d12746bc15d8	6	Broken-by: d12746bc15d8
7	---	7	---
8	doc/ChangeLog \| 5 +++++
9	src/log.c \| 7 ++++---	8	src/log.c \| 7 ++++---
10	test/confs/0633 \| 21 ++++++++++++++++++++	9	test/confs/0633 \| 21 ++++++++++++++++++++
11	test/scripts/0000-Basic/0633 \| 9 +++++++++	10	test/scripts/0000-Basic/0633 \| 9 +++++++++
Lines 17-40 Broken-by: d12746bc15d8 Link Here
17	create mode 100644 test/stderr/0633	16	create mode 100644 test/stderr/0633
18	create mode 100644 test/stdout/0633	17	create mode 100644 test/stdout/0633
19		18
20	--- a/doc/ChangeLog
21	+++ b/doc/ChangeLog
22	@@ -28,10 +28,15 @@ JH/13 Bug 2929: Fix using $recipients af
23	JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
24	a capture group which obtained no text (eg. "(abc)*" matching zero
25	occurrences) could cause a segfault if the corresponding $<n> was
26	expanded.
27
28	+JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line
29	+ was exactly sized compared to the log buffer, a crash occurred with the
30	+ misleading message "bad memory reference; pool not found".
31	+ Found and traced by Jasen Betts.
32	+
33
34
35	Exim version 4.96
36	-----------------
37
38	--- a/src/log.c	19	--- a/src/log.c
39	+++ b/src/log.c	20	+++ b/src/log.c
40	@@ -803,11 +803,11 @@ Returns: nothing	21	@@ -803,11 +803,11 @@ Returns: nothing

Lines 4-10 Date: Wed, 28 Dec 2022 19:39:06 +0000 Link Here

(-)b/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch (-22 lines)
4	Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911	4	Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911
5		5
6	---	6	---
7	doc/ChangeLog \| 8 +++++
8	src/dns.c \| 12 ++++++++	7	src/dns.c \| 12 ++++++++
9	test/confs/2202 \| 18 +++++++++--	8	test/confs/2202 \| 18 +++++++++--
10	test/scripts/2200-dnsdb/2202 \| 8 +++++	9	test/scripts/2200-dnsdb/2202 \| 8 +++++
Lines 12-38 Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911 Link Here
12	test/stdout/2202 \| 8 +++++	11	test/stdout/2202 \| 8 +++++
13	6 files changed, 108 insertions(+), 4 deletions(-)	12	6 files changed, 108 insertions(+), 4 deletions(-)
14		13
15	--- a/doc/ChangeLog
16	+++ b/doc/ChangeLog
17	@@ -33,10 +33,18 @@ JH/14 Bug 2933: Fix regex substring matc
18	JH/18 Fix a fencepost error in logging. Previously (since 4.92) when a log line
19	was exactly sized compared to the log buffer, a crash occurred with the
20	misleading message "bad memory reference; pool not found".
21	Found and traced by Jasen Betts.
22
23	+JH/19 Bug 2911: Fix a recursion in DNS lookups. Previously, if the main option
24	+ dns_again_means_nonexist included an element causing a DNS lookup which
25	+ iteslf returned DNS_AGAIN, unbounded recursion occurred. Possible results
26	+ included (though probably not limited to) a process crash from stack
27	+ memory limit, or from excessive open files. Replace this with a paniclog
28	+ whine (as this is likely a configuration error), and returning
29	+ DNS_NOMATCH.
30	+
31
32
33	Exim version 4.96
34	-----------------
35
36	--- a/src/dns.c	14	--- a/src/dns.c
37	+++ b/src/dns.c	15	+++ b/src/dns.c
38	@@ -799,10 +799,11 @@ int	16	@@ -799,10 +799,11 @@ int

Lines 5-11 Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group. Bug Link Here

(-)b/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch (-18 lines)
5	2954	5	2954
6		6
7	---	7	---
8	doc/ChangeLog \| 4 +++
9	src/tls-openssl.c \| 39 ++++++++++++++----------	8	src/tls-openssl.c \| 39 ++++++++++++++----------
10	test/confs/2148 \| 54 ++++++++++++++++++++++++++++++++++	9	test/confs/2148 \| 54 ++++++++++++++++++++++++++++++++++
11	test/confs/2149 \| 39 +++++++++++++-----------	10	test/confs/2149 \| 39 +++++++++++++-----------
Lines 23-45 Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group. Bug Link Here
23	create mode 100644 test/scripts/2100-OpenSSL/2148	22	create mode 100644 test/scripts/2100-OpenSSL/2148
24	create mode 100644 test/stderr/2148	23	create mode 100644 test/stderr/2148
25		24
26	--- a/doc/ChangeLog
27	+++ b/doc/ChangeLog
28	@@ -41,10 +41,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
29	included (though probably not limited to) a process crash from stack
30	memory limit, or from excessive open files. Replace this with a paniclog
31	whine (as this is likely a configuration error), and returning
32	DNS_NOMATCH.
33
34	+JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group. Previously
35	+ this always failed, probably leading to the usual downgrade to in-clear
36	+ connections.
37	+
38
39
40	Exim version 4.96
41	-----------------
42
43	--- a/src/tls-openssl.c	25	--- a/src/tls-openssl.c
44	+++ b/src/tls-openssl.c	26	+++ b/src/tls-openssl.c
45	@@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits)	27	@@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits)

Lines 5-32 Subject: [PATCH 3/3] DANE: do not check dns_again_means_nonexist for TLSA Link Here

(-)b/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch (-19 / +1 lines)
5	results of TRY_AGAIN	5	results of TRY_AGAIN
6		6
7	---	7	---
8	doc/doc-docbook/spec.xfpt \| 7 ++++++-
9	doc/ChangeLog \| 4 ++++
10	src/dns.c \| 35 ++++++++++++++++++++++-------------	8	src/dns.c \| 35 ++++++++++++++++++++++-------------
		9	doc/doc-docbook/spec.xfpt \| 7 ++++++-
11	3 files changed, 32 insertions(+), 14 deletions(-)	10	3 files changed, 32 insertions(+), 14 deletions(-)
12		11
13	--- a/doc/ChangeLog
14	+++ b/doc/ChangeLog
15	@@ -46,10 +46,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
16	JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group. Previously
17	this always failed, probably leading to the usual downgrade to in-clear
18	connections.
19
20
21	+JH/20 Fix TLSA lookups. Previously dns_again_means_nonexist would affect
22	+ SERVFAIL results, which breaks the downgrade resistance of DANE. Change
23	+ to not checking that list for these looks.
24	+
25
26	Exim version 4.96
27	-----------------
28
29	JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
30	--- a/src/dns.c	12	--- a/src/dns.c
31	+++ b/src/dns.c	13	+++ b/src/dns.c
32	@@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno	14	@@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno

Lines 5-32 Subject: [PATCH] Fix crash in expansions Link Here

(-)b/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch (-18 lines)
5		5
6	Broken-by: 1058096b8c53	6	Broken-by: 1058096b8c53
7	---	7	---
8	doc/ChangeLog \| 4 ++++
9	src/expand.c \| 9 +++++----	8	src/expand.c \| 9 +++++----
10	test/stderr/0630 \| 1 +	9	test/stderr/0630 \| 1 +
11	3 files changed, 10 insertions(+), 4 deletions(-)	10	3 files changed, 10 insertions(+), 4 deletions(-)
12		11
13	--- a/doc/ChangeLog
14	+++ b/doc/ChangeLog
15	@@ -50,10 +50,14 @@ JH/20 Bug 2954: (OpenSSL) Fix setting of
16
17	JH/20 Fix TLSA lookups. Previously dns_again_means_nonexist would affect
18	SERVFAIL results, which breaks the downgrade resistance of DANE. Change
19	to not checking that list for these looks.
20
21	+JH/23 Fix crash in string expansions. Previously, if an empty variable was
22	+ immediately followed by an expansion operator, a null-indirection read
23	+ was done, killing the process.
24	+
25
26	Exim version 4.96
27	-----------------
28
29	JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
30	--- a/src/expand.c	12	--- a/src/expand.c
31	+++ b/src/expand.c	13	+++ b/src/expand.c
32	@@ -4652,11 +4652,11 @@ while (*s)	14	@@ -4652,11 +4652,11 @@ while (*s)