Bug#611446: unblock: exim4/4.72-5
retitle 611446 unblock: exim4/4.72-6
reopen 611446
thanks

On 2011-01-29 Adam D. Barratt <a...@adam-barratt.org.uk> wrote:
> On Sat, 2011-01-29 at 14:57 +0100, Andreas Metzler wrote:
> > Please unblock package exim4
> >
> > This release fixes a single bug:
> > PP/06 Bugzilla 1071: fix delivery logging with untrusted macros.
> > If dropping privileges for untrusted macros, we disabled normal logging on the basis that it would fail; for the Exim run-time user, this is not the case, and it resulted in successful deliveries going unlogged.
>
> Unblocked, and aged; thanks.

Hello,

sorry for bothering you again:

Please unblock package exim4

Another bug found and fixed. 4.73-3 and later broke filter-testing as regular user (exim4 -bf). This is the issue fixed in DSA-2154-2 (exim4 regression fix)
http://lists.debian.org/debian-security-announce/2011/msg00020.html
Debian bug: 611572

unblock exim4/4.72-6

thanks, cu andreas

diff -Nru exim4-4.72/debian/changelog exim4-4.72/debian/changelog --- exim4-4.72/debian/changelog 2011-01-29 14:33:59.0 +0100 +++ exim4-4.72/debian/changelog 2011-01-31 19:06:05.0 +0100 @@ -1,3 +1,11 @@ +exim4 (4.72-6) unstable; urgency=high + + * 80_4.74_filtertesting.diff: Do not abort when setgid fails if privileges +were dropped. This fixes a regression from 4.72-2, it was not possible to +test filter files with exim4 -bf anymore. + + -- Andreas Metzler ametz...@debian.org Mon, 31 Jan 2011 19:05:48 +0100 + exim4 (4.72-5) unstable; urgency=medium * 80_4.74_deliverylogging.patch (Pulled from upstream git): If a non-debug diff -Nru exim4-4.72/debian/patches/80_4.74_filtertesting.diff exim4-4.72/debian/patches/80_4.74_filtertesting.diff --- exim4-4.72/debian/patches/80_4.74_filtertesting.diff 1970-01-01 01:00:00.0 +0100 +++ exim4-4.72/debian/patches/80_4.74_filtertesting.diff 2011-01-31 19:09:09.0 +0100 
@@ -0,0 +1,29 @@ +From 33191679e1a86ba6d9c38a74d0795d00c300f2c5 Mon Sep 17 00:00:00 2001 +From: Phil Pennock p...@exim.org +Date: Fri, 21 Jan 2011 06:10:35 -0500 +Subject: [PATCH] Tests compat. setgid failure / dropped_privilege + +If we've *dropped* privilege, it's okay to not abort if setgid fails. + + +diff --git a/src/exim.c b/src/exim.c +index 67fbc5c..c8a5da1 100644 +--- a/src/exim.c b/src/exim.c +@@ -3885,14 +3885,14 @@ else + no need to complain then. */ + if (rv == -1) + { +-if (!unprivileged) ++if (!(unprivileged || removed_privilege)) + { + fprintf(stderr, + exim: changing group failed: %s\n, strerror(errno)); + exit(EXIT_FAILURE); + } + else +- debug_printf(changing group to %ld failed: %s\n, ++ DEBUG(D_any) debug_printf(changing group to %ld failed: %s\n, + (long int)exim_gid, strerror(errno)); + } + } diff -Nru exim4-4.72/debian/patches/series exim4-4.72/debian/patches/series --- exim4-4.72/debian/patches/series 2011-01-29 14:24:25.0 +0100 +++ exim4-4.72/debian/patches/series 2011-01-31 18:59:30.0 +0100 @@ -20,3 +20,4 @@ 80_4.73rc1_8_updatedocumentation.patch 80_4.74_CVE-2011-0017.patch 80_4.74_deliverylogging.patch +80_4.74_filtertesting.diff
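Review bot: the 4.72-6 changelog entry only describes tolerating a failed setgid once privileges were dropped, but the hunk also changes the else branch from an unconditional `debug_printf(...)` to `DEBUG(D_any) debug_printf(...)`, so the "changing group to %ld failed" message is now emitted only when debugging is enabled; the changelog or the patch description should say so, since an operator diagnosing a filter-test problem will no longer see it by default. The comment ending "no need to complain then. */" above `if (rv == -1)` should also be extended to cover the new `removed_privilege` term in `if (!(unprivileged || removed_privilege))`: the commit text explains that after privilege has been dropped it is okay not to abort when setgid fails, and without that sentence in the code a reader cannot tell why `exit(EXIT_FAILURE)` is skipped in that case.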
Bug#611446: unblock: exim4/4.72-5
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: freeze-exception

Please unblock package exim4

This release fixes a single bug:
PP/06 Bugzilla 1071: fix delivery logging with untrusted macros.
If dropping privileges for untrusted macros, we disabled normal logging on the basis that it would fail; for the Exim run-time user, this is not the case, and it resulted in successful deliveries going unlogged.

http://bugs.debian.org/610611

Thanks in advance.
cu andreas

unblock exim4/4.72-5

diff -Nru exim4-4.72/debian/changelog exim4-4.72/debian/changelog --- exim4-4.72/debian/changelog 2011-01-22 17:48:25.0 +0100 +++ exim4-4.72/debian/changelog 2011-01-29 14:33:59.0 +0100 @@ -1,3 +1,13 @@ +exim4 (4.72-5) unstable; urgency=medium + + * 80_4.74_deliverylogging.patch (Pulled from upstream git): If a non-debug +daemon was invoked with a non-whitelisted macro, then logs from after +attempting delivery would be silently lost, including for successful +delivery. This log-loss bug was introduced as part of the security +lockdown for fixing CVE-2010-4345. Closes: #610611 + + -- Andreas Metzler ametz...@debian.org Sat, 29 Jan 2011 14:33:36 +0100 + exim4 (4.72-4) unstable; urgency=medium * In spf example use spf-tools-perl's spfquery instead of the one from diff -Nru exim4-4.72/debian/patches/80_4.74_deliverylogging.patch exim4-4.72/debian/patches/80_4.74_deliverylogging.patch --- exim4-4.72/debian/patches/80_4.74_deliverylogging.patch 1970-01-01 01:00:00.0 +0100 +++ exim4-4.72/debian/patches/80_4.74_deliverylogging.patch 2011-01-29 14:23:38.0 +0100 
@@ -0,0 +1,29 @@ +From b7487bcec431809cb7fc3c2b42fcd607e43d37e7 Mon Sep 17 00:00:00 2001 +From: Phil Pennock p...@exim.org +Date: Sun, 23 Jan 2011 05:44:45 -0500 +Subject: [PATCH 1/2] Bug 1071: fix delivery logging with untrusted macros. + +If dropping privileges for untrusted macros, we disabled normal logging +on the basis that it would fail; for the Exim run-time user, this is not +the case, and it resulted in successful deliveries going unlogged. + + +diff -NurBbp a/src/exim.c b/src/exim.c +--- a/src/exim.c 2011-01-29 14:20:00.0 +0100 b/src/exim.c 2011-01-29 14:20:37.0 +0100 +@@ -3426,9 +3426,13 @@ if (( + and should be used for any logging information because attempts to write + to the log will usually fail. To arrange this, we unset really_exim. However, + if no stderr is available there is no point - we might as well have a go +- at the log (if it fails, syslog will be written). */ ++ at the log (if it fails, syslog will be written). + +- if (log_stderr != NULL) really_exim = FALSE; ++ Note that if the invoker is Exim, the logs remain available. Messing with ++ this causes unlogged successful deliveries. */ ++ ++ if ((log_stderr != NULL) (real_uid != exim_uid)) ++really_exim = FALSE; + } + + /* Privilege is to be retained for the moment. It may be dropped later, diff -Nru exim4-4.72/debian/patches/series exim4-4.72/debian/patches/series --- exim4-4.72/debian/patches/series 2011-01-21 19:35:49.0 +0100 +++ exim4-4.72/debian/patches/series 2011-01-29 14:24:25.0 +0100 @@ -19,3 +19,4 @@ 80_4.73rc1_7_filter_D_option.patch 80_4.73rc1_8_updatedocumentation.patch 80_4.74_CVE-2011-0017.patch +80_4.74_deliverylogging.patch
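Review bot: the new condition `if ((log_stderr != NULL) (real_uid != exim_uid))` as quoted here has no operator between its two terms and would not compile; the comment added just above it ("if the invoker is Exim, the logs remain available") implies that `really_exim` should be cleared only when stderr is available and the invoker is not the Exim user, so confirm that the applied 80_4.74_deliverylogging.patch carries a logical `&&` at that point. The test is on `real_uid` alone, so a process running with the Exim uid keeps `really_exim` set and keeps writing the main log, while every other invoker of a non-whitelisted macro still falls back to stderr as the surrounding comment describes; it would help a future reader if the new comment stated that distinction explicitly, because the previous behaviour (introduced with the CVE-2010-4345 lockdown, per the changelog) left successful deliveries with no main-log record, a gap that monitoring based on the main log cannot detect.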