Format: 1.8
Date: Thu, 06 Jan 2011 09:53:41 +0100
Source: exim4
Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy exim4-daemon-custom eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-daemon-custom-dbg exim4-dev
Architecture: source i386 all
Version: 4.69-9+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 exim4      - metapackage to ease Exim MTA (v4) installation
 exim4-base - support files for all Exim MTA (v4) packages
 exim4-config - configuration for the Exim MTA (v4)
 exim4-daemon-custom - custom Exim MTA (v4) daemon with locally set features
 exim4-daemon-custom-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
 exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-daemon-light - lightweight Exim MTA (v4) daemon
 exim4-daemon-light-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-dbg  - debugging symbols for the Exim MTA (v4) packages
 exim4-dev  - header files for the Exim MTA (v4) packages
 eximon4    - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 606527
Changes:
 exim4 (4.69-9+lenny2) stable-security; urgency=high
 .
   * 67_unnecessaryCopt.dpatch: Do not use exim's -C option in utility scripts.
     This would not work with ALT_CONFIG_PREFIX.
   * Pull changes related to fixing CVE-2010-4345 from exim 4.73 rc1.
     Closes: #606527
     + 1_cfile_norw_eximuid: Don't allow a configure file which is writeable by
       the Exim user or group.
     + 2_permcheck_configurefile: Check configure file permissions even for
       non-default files if still privileged.
     + 3_remove_ALT_CONFIG_ROOT_ONLY: Remove ALT_CONFIG_ROOT_ONLY build option,
       effectively making it always true.
     + 4_FD_CLOEXEC: Set FD_CLOEXEC on SMTP sockets after forking in the
       daemon, to ensure  that rogue child processes cannot use them.
     + 5_TRUSTED_CONFIG_LIST: Add TRUSTED_CONFIG_LIST compile option.
     + 6_nonroot_system_filter_user: If the system filter needs to be run as
       root, let that be explicitly configured.  The default is now the Exim
       run-time user.
     + 7_filter_D_option: Add a (compiletime) whitelist of acceptable values
       for the -D option.
     + 8_updatedocumentation: Update documentation to reflect the changes.
   * 4_FD_CLOEXEC replaces 80_fdleak.dpatch, drop the latter.
   * Build with WHITELIST_D_MACROS=OUTGOING. Post patch 7_filter_D_option exim
     will not regain root privileges (usually necessary for local delivery) if
     the -D option was used. Macro identifiers listed in WHITELIST_D_MACROS are
     exempted from this restriction. mailscanner (4.79.11-2.2) uses -DOUTGOING.
   * Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. Post patch
     3_remove_ALT_CONFIG_ROOT_ONLY exim will not re-gain root privileges
     (usually necessary for local delivery) if the -C option was used. This
     makes it impossible to start a fully functional damon with an alternate
     configuration file. /etc/exim4/trusted_configs (can) contain a list of
     filenames (one per line, full path given) to which this restriction does
     not apply.
Checksums-Sha1:
 d94406d1a53b3f86cf02e47b62bddceb49b04863 1612 exim4_4.69-9+lenny2.dsc
 e4dd27acb997870be1525306e9e45b8c9fb70014 552955 exim4_4.69-9+lenny2.diff.gz
 42497be54092542057a11001d56341c571209e93 988364 exim4-base_4.69-9+lenny2_i386.deb
 f8b4d9921cd2883d6dc6df91c1e660434846199f 98720 eximon4_4.69-9+lenny2_i386.deb
 1cd4dd0644b5793b10994c86ea675ad77a893398 424828 exim4-daemon-light_4.69-9+lenny2_i386.deb
 cc867d297386c05a199e38c78467d3692ba1117b 472784 exim4-daemon-heavy_4.69-9+lenny2_i386.deb
 7d392b0dba91e37f8ea5bcdb31ae3d7a16d4cb5f 674774 exim4-daemon-light-dbg_4.69-9+lenny2_i386.deb
 23c66c73050216d7be03ede945854ac919bec663 761164 exim4-daemon-heavy-dbg_4.69-9+lenny2_i386.deb
 d474151e98d0fe1fd58b670c11ce1941573e9340 264862 exim4-dbg_4.69-9+lenny2_i386.deb
 422a296c25eb634bd7481dbf8de42fec92b128f8 71292 exim4-dev_4.69-9+lenny2_i386.deb
 9bcb52d0b9957129e7756f25f97454f39753989a 351258 exim4-config_4.69-9+lenny2_all.deb
 40f30c9cc3a7281324272cd4e27099c980e10bef 7476 exim4_4.69-9+lenny2_all.deb
Checksums-Sha256:
 e650d69fd6cb3a7f636c0dc93c89db5e6d02c53c5dda6f59eca8d0cafc586059 1612 exim4_4.69-9+lenny2.dsc
 8edc35156e1e9a3b7b646c9a3848eef4d2dc21df481e7dd51e4c2be486d1f87f 552955 exim4_4.69-9+lenny2.diff.gz
 c1b047d6fe18d959ead4c7557c2e8659cacf943da1e8ef329518b0dc1bc28399 988364 exim4-base_4.69-9+lenny2_i386.deb
 2872adcecf464014ff6bac5b980294929b45417ec7c44cf8af2ee44331899f08 98720 eximon4_4.69-9+lenny2_i386.deb
 92a9beb749d4fd671b44ffb4e815b9598e6ea1bdfd4fb0be84151d71cd4c57b0 424828 exim4-daemon-light_4.69-9+lenny2_i386.deb
 bb6fda5893878aac928df9924e8da95aacdc6a803c5d80c6b850a9386d9f7ff7 472784 exim4-daemon-heavy_4.69-9+lenny2_i386.deb
 afab59a32781633d9092e9ed10b5afef67c1cc43ae25adcddcd4789fff50b04f 674774 exim4-daemon-light-dbg_4.69-9+lenny2_i386.deb
 b36ddb084257ca4c8d8d506ba8b30f72f98b99c1704257bfaebd542cfa22d99e 761164 exim4-daemon-heavy-dbg_4.69-9+lenny2_i386.deb
 499dee0787c98f0b5d8b85b5abc2ffd528950f01b41e45a2cfd57132eb8419f5 264862 exim4-dbg_4.69-9+lenny2_i386.deb
 c6599df39da131352293e91ea6e0c2f614ad14b038a6735cb3498bea22158e45 71292 exim4-dev_4.69-9+lenny2_i386.deb
 db63ca976136106b207b5cde64a9cd2f60d0f0e1f2cd5273bee4cb3e0c7e2ed0 351258 exim4-config_4.69-9+lenny2_all.deb
 73eaa9b71c4f09b90b354ff0d7aef6de9fe2b69471116d7e1185cc503146c683 7476 exim4_4.69-9+lenny2_all.deb
Files:
 fb5784d33e80ab93d49200ac812e84c8 1612 mail standard exim4_4.69-9+lenny2.dsc
 8aa9624f991fb9c7d38af11d9312bdb0 552955 mail standard exim4_4.69-9+lenny2.diff.gz
 b3be3f9388f446062ea1e9d0ae99d361 988364 mail standard exim4-base_4.69-9+lenny2_i386.deb
 8af56d55c000d5e602861e1f31e90bdc 98720 mail optional eximon4_4.69-9+lenny2_i386.deb
 22b9c271de56c043dcf97c5ac07b09cc 424828 mail standard exim4-daemon-light_4.69-9+lenny2_i386.deb
 8e15d8058d5aba1fcd5ee8a274ec24d2 472784 mail optional exim4-daemon-heavy_4.69-9+lenny2_i386.deb
 571979355fb246610883391aaf9d1735 674774 mail extra exim4-daemon-light-dbg_4.69-9+lenny2_i386.deb
 393ed482f9b861ff8ef588df67c4098c 761164 mail extra exim4-daemon-heavy-dbg_4.69-9+lenny2_i386.deb
 1f2848f6003a90467072b6a59bbf2c7e 264862 mail extra exim4-dbg_4.69-9+lenny2_i386.deb
 14e00e429259bcecf40a97e9535b0a93 71292 mail extra exim4-dev_4.69-9+lenny2_i386.deb
 148963e90278b312c89fce40c96898d6 351258 mail standard exim4-config_4.69-9+lenny2_all.deb
 bcd44b917df0c7391b482ba031de90ef 7476 mail standard exim4_4.69-9+lenny2_all.deb