CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2012/10/26 02:50:15
Modified files: mail/exim : Tag: OPENBSD_5_1 Makefile Added files: mail/exim/patches: Tag: OPENBSD_5_1 patch-src_dkim_c patch-src_pdkim_pdkim_h Log message: SECURITY fix for Exim CVE-2012-5671 - Remote code execution with DKIM decoding Workaround: "You are not vulnerable if <...> you put this at the start of an ACL plumbed into acl_smtp_connect or acl_smtp_rcpt: warn control = dkim_disable_verify" This is backported from the diff between exim 4.80 and 4.80.1 (not updating fully to 4.80.1 yet as this small diff is safer to commit) same diff rpointel@