Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: freeze-exception Please unblock package exim4 This release fixes a a single bug: PP/06 Bugzilla 1071: fix delivery logging with untrusted macros. If dropping privileges for untrusted macros, we disabled normal logging on the basis that it would fail; for the Exim run-time user, this is not the case, and it resulted in successful deliveries going unlogged. http://bugs.debian.org/610611 Thanks in advance. cu andreas unblock exim4/4.72-5
diff -Nru exim4-4.72/debian/changelog exim4-4.72/debian/changelog --- exim4-4.72/debian/changelog 2011-01-22 17:48:25.000000000 +0100 +++ exim4-4.72/debian/changelog 2011-01-29 14:33:59.000000000 +0100 @@ -1,3 +1,13 @@ +exim4 (4.72-5) unstable; urgency=medium + + * 80_4.74_deliverylogging.patch (Pulled from upstream git): If a non-debug + daemon was invoked with a non-whitelisted macro, then logs from after + attempting delivery would be silently lost, including for successful + delivery. This log-loss bug was introduced as part of the security + lockdown for fixing CVE-2010-4345. Closes: #610611 + + -- Andreas Metzler <ametzler@debian.org> Sat, 29 Jan 2011 14:33:36 +0100 + exim4 (4.72-4) unstable; urgency=medium * In spf example use spf-tools-perl's spfquery instead of the one from diff -Nru exim4-4.72/debian/patches/80_4.74_deliverylogging.patch exim4-4.72/debian/patches/80_4.74_deliverylogging.patch --- exim4-4.72/debian/patches/80_4.74_deliverylogging.patch 1970-01-01 01:00:00.000000000 +0100 +++ exim4-4.72/debian/patches/80_4.74_deliverylogging.patch 2011-01-29 14:23:38.000000000 +0100 @@ -0,0 +1,29 @@ +From b7487bcec431809cb7fc3c2b42fcd607e43d37e7 Mon Sep 17 00:00:00 2001 +From: Phil Pennock <pdp@exim.org> +Date: Sun, 23 Jan 2011 05:44:45 -0500 +Subject: [PATCH 1/2] Bug 1071: fix delivery logging with untrusted macros. + +If dropping privileges for untrusted macros, we disabled normal logging +on the basis that it would fail; for the Exim run-time user, this is not +the case, and it resulted in successful deliveries going unlogged. + + +diff -NurBbp a/src/exim.c b/src/exim.c +--- a/src/exim.c 2011-01-29 14:20:00.000000000 +0100 ++++ b/src/exim.c 2011-01-29 14:20:37.000000000 +0100 +@@ -3426,9 +3426,13 @@ if (( + and should be used for any logging information because attempts to write + to the log will usually fail. To arrange this, we unset really_exim. However, + if no stderr is available there is no point - we might as well have a go +- at the log (if it fails, syslog will be written). */ ++ at the log (if it fails, syslog will be written). + +- if (log_stderr != NULL) really_exim = FALSE; ++ Note that if the invoker is Exim, the logs remain available. Messing with ++ this causes unlogged successful deliveries. */ ++ ++ if ((log_stderr != NULL) && (real_uid != exim_uid)) ++ really_exim = FALSE; + } + + /* Privilege is to be retained for the moment. It may be dropped later, diff -Nru exim4-4.72/debian/patches/series exim4-4.72/debian/patches/series --- exim4-4.72/debian/patches/series 2011-01-21 19:35:49.000000000 +0100 +++ exim4-4.72/debian/patches/series 2011-01-29 14:24:25.000000000 +0100 @@ -19,3 +19,4 @@ 80_4.73rc1_7_filter_D_option.patch 80_4.73rc1_8_updatedocumentation.patch 80_4.74_CVE-2011-0017.patch +80_4.74_deliverylogging.patch
Attachment:
signature.asc
Description: Digital signature