Hello community, here is the log from the commit of package exim for openSUSE:Factory checked in at 2019-12-30 12:34:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/exim (Old) and /work/SRC/openSUSE:Factory/.exim.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "exim" Mon Dec 30 12:34:32 2019 rev:54 rq:759896 version:4.93 Changes: -------- --- /work/SRC/openSUSE:Factory/exim/exim.changes 2019-09-13 14:59:30.289280252 +0200 +++ /work/SRC/openSUSE:Factory/.exim.new.6675/exim.changes 2019-12-30 12:34:37.611797948 +0100 @@ -1,0 +2,24 @@ +Mon Dec 9 10:08:02 UTC 2019 - wullinger@rz.uni-kiel.de + +- update to exim 4.93 + * SUPPORT_DMARC replaces EXPERIMENTAL_DMARC + * DISABLE_TLS replaces SUPPORT_TLS + * Bump the version for the local_scan API. + * smtp transport option hosts_try_fastopen defaults to "*". + * DNSSec is requested (not required) for all queries. (This seemes to + ask for trouble if your resolver is a systemd-resolved.) + * Generic router option retry_use_local_part defaults to "true" under specific + pre-conditions. + * Introduce a tainting mechanism for values read from untrusted sources. + * Use longer file names for temporary spool files (this avoids + name conflicts with spool on a shared file system). + * Use dsn_from main config option (was ignored previously). + +------------------------------------------------------------------- +Mon Sep 30 15:39:54 UTC 2019 - poeml@cmdline.net + +- update to exim 4.92.3 + * CVE-2019-16928: fix against Heap-based buffer overflow in string_vformat, + remote code execution seems to be possible + +------------------------------------------------------------------- Old: ---- exim-4.92.2.tar.bz2 exim-4.92.2.tar.bz2.asc New: ---- exim-4.93.tar.bz2 exim-4.93.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ exim.spec ++++++ --- /var/tmp/diff_new_pack.8pkH6J/_old 2019-12-30 12:34:38.279798307 +0100 +++ /var/tmp/diff_new_pack.8pkH6J/_new 2019-12-30 12:34:38.279798307 +0100 @@ -1,7 +1,7 @@ # # spec file for package exim # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -52,7 +52,7 @@ BuildRequires: pkgconfig(xaw7) BuildRequires: pkgconfig(xmu) BuildRequires: pkgconfig(xt) -Url: http://www.exim.org/ +URL: http://www.exim.org/ Conflicts: sendmail sendmail-tls postfix Provides: smtp_daemon %if %{?suse_version:%suse_version}%{?!suse_version:0} > 800 @@ -72,7 +72,7 @@ %endif Requires(pre): fileutils textutils %endif -Version: 4.92.2 +Version: 4.93 Release: 0 %if %{with_mysql} BuildRequires: mysql-devel @@ -197,7 +197,7 @@ LOOKUP_PASSWD=yes # LOOKUP_WHOSON=yes CYRUS_SASLAUTHD_SOCKET=/var/run/sasl2/mux - LOOKUP_LIBS=-llber + LOOKUP_LIBS=-llber -lnsl %if %{with_ldap} LDAP_LIB_TYPE=OPENLDAP2 LOOKUP_LIBS+=-lldap @@ -224,6 +224,7 @@ AUTH_DOVECOT=yes AUTH_TLS=yes AUTH_LIBS=-lsasl2 + USE_OPENSSL=yes SUPPORT_TLS=yes TLS_LIBS=-lssl -lcrypto INFO_DIRECTORY=%{_infodir} @@ -273,7 +274,7 @@ HAVE_IPV6=YES SUPPORT_SPF=yes LOOKUP_LIBS+=-lspf2 - #EXPERIMENTAL_DMARC=yes + #SUPPORT_DMARC=yes #CFLAGS += -I/usr/local/include #LDFLAGS += -lopendmarc EXPERIMENTAL_EVENT=yes @@ -289,7 +290,7 @@ EXPERIMENTAL_INTERNATIONAL=yes %endif LDFLAGS += -lidn - CFLAGS=$RPM_OPT_FLAGS -Wall $CFLAGS_OPT_WERROR -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE + CFLAGS=$RPM_OPT_FLAGS -std=gnu99 -Wall $CFLAGS_OPT_WERROR -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED $fPIE EXTRALIBS=-ldl -lpam -L/usr/X11R6/%{_lib} $pie EOF touch Local/eximon.conf ++++++ exim-4.92.2.tar.bz2 -> exim-4.93.tar.bz2 ++++++ ++++ 51972 lines of diff (skipped)