---
- branch: MAIN
  date: Mon May  9 13:30:47 UTC 2011
  files:
  - new: '1.108'
    old: '1.107'
    path: pkgsrc/mail/exim/Makefile
    pathrev: pkgsrc/mail/exim/Makefile@1.108
    type: modified
  - new: '1.51'
    old: '1.50'
    path: pkgsrc/mail/exim/distinfo
    pathrev: pkgsrc/mail/exim/distinfo@1.51
    type: modified
  - new: '1.22'
    old: '1.21'
    path: pkgsrc/mail/exim/patches/patch-aa
    pathrev: pkgsrc/mail/exim/patches/patch-aa@1.22
    type: modified
  - new: '1.15'
    old: '1.14'
    path: pkgsrc/mail/exim/patches/patch-ac
    pathrev: pkgsrc/mail/exim/patches/patch-ac@1.15
    type: modified
  - new: '0'
    old: '1.1'
    path: pkgsrc/mail/exim/patches/patch-ah
    pathrev: pkgsrc/mail/exim/patches/patch-ah@0
    type: deleted
  - new: '0'
    old: '1.2'
    path: pkgsrc/mail/exim/patches/patch-ba
    pathrev: pkgsrc/mail/exim/patches/patch-ba@0
    type: deleted
  id: 20110509T133047Z.2d5134b5f46f4482d4223c47742b2b368645e982
  log: |
    Changes 4.76:
    * The new ldap_require_cert option would segfault if used.  Fixed.
    * Harmonised TLS library version reporting; only show if debugging.
      Layout now matches that introduced for other libraries in 4.74 PP/03.
    * New openssl_options items: no_sslv2 no_sslv3 no_ticket no_tlsv1
    * New "dns_use_edns0" global option.
    * Don't segfault on misconfiguration of ref:name exim-user as uid.
    * Extra paranoia around buffer usage at the STARTTLS transition.
      nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
    * Updated PolarSSL code to 0.14.2.
    * Catch divide-by-zero in ${eval:...}.
    * Condition negation of bool{}/bool_lax{} did not negate.  Fixed.
    * CVE-2011-1764 - DKIM log line was subject to a format-string attack --
      SECURITY: remote arbitrary code execution.
    * SECURITY - DKIM signature header parsing was double-expanded, second
      time unintentionally subject to list matching rules, letting the header
      cause arbitrary Exim lookups (of items which can occur in lists, *not*
      arbitrary string expansion). This allowed for information disclosure.
    * Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
      INT_MIN/-1 -- value coerced to INT_MAX.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/mail/exim'
  unixtime: '1304947847'
  user: adam