- Joined
- Feb 27, 2003
- Messages
- 9,158
Hello,
I've added exim 4.86.2 to the versions.txt on files1.
There was a report of an exim security issue: CVE-2016-1531
DirectAdmin server do use the perl_startup, so it's important that everyone update to this latest exim version.
Note it's available now on files1, but other mirrors make take up to 24 hours to sync.
To get it, run:
After exim is comipled and the exim.conf updated, we want to ensure we see this somewhere:
so the exim.pl isn't broken.
4.3+ should have it in /etc/exim.variables.conf
4.2 should have it in /etc/exim.conf
2.x will need to add it manually.
Note that I've made a few changes to the tar.gz so that it can compile on older OS's (had to do the same for 4.86):
1)
to prevent the compile error:
2) Plus this patch, just as we did before in 4.86:
http://permalink.gmane.org/gmane.mail.exim.devel/8438
to address delivery segfaults.
3) And lastly, the version was 4.86_2, which was confusing CB and would have broken things in many areas, so I also made this change so it's 4.86.2 without the underscore:
Took a few tries to get it packed correctly, so don't be suprised if you an md5sum error.
Currently: 8e5044092f979d06ecd8f885cde13115
------
Related error message:
which just means the keep_environment hasn't been added to the /etc/exim.conf or /etc/exim.variables.conf
John
I've added exim 4.86.2 to the versions.txt on files1.
There was a report of an exim security issue: CVE-2016-1531
DirectAdmin server do use the perl_startup, so it's important that everyone update to this latest exim version.
Note it's available now on files1, but other mirrors make take up to 24 hours to sync.
To get it, run:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build exim
./build exim_conf
After exim is comipled and the exim.conf updated, we want to ensure we see this somewhere:
Code:
keep_environment=PWD
4.3+ should have it in /etc/exim.variables.conf
4.2 should have it in /etc/exim.conf
2.x will need to add it manually.
Note that I've made a few changes to the tar.gz so that it can compile on older OS's (had to do the same for 4.86):
1)
Code:
--- src/tls-openssl.c.orig 2016-03-02 16:48:38.000000000 -0600
+++ src/tls-openssl.c 2016-03-02 16:50:34.000000000 -0600
@@ -659,15 +659,15 @@
static BOOL
init_ecdh(SSL_CTX * sctx, host_item * host)
{
+#ifdef OPENSSL_NO_ECDH
+return TRUE;
+#else
+
EC_KEY * ecdh;
uschar * exp_curve;
int nid;
BOOL rv;
-#ifdef OPENSSL_NO_ECDH
-return TRUE;
-#else
-
if (host) /* No ECDH setup for clients, only for servers */
return TRUE;
Code:
In file included from tls.c:120:
tls-openssl.c: In function 'init_ecdh':
tls-openssl.c:662: error: 'EC_KEY' undeclared (first use in this function)
tls-openssl.c:662: error: (Each undeclared identifier is reported only once
tls-openssl.c:662: error: for each function it appears in.)
tls-openssl.c:662: error: 'ecdh' undeclared (first use in this function)
In file included from tls.c:121:
tlscert-openssl.c: In function 'asn1_time_copy':
tlscert-openssl.c:121: warning: passing argument 2 of 'ASN1_TIME_print' discards qualifiers from pointer target type
make[1]: *** [tls.o] Error 1
2) Plus this patch, just as we did before in 4.86:
http://permalink.gmane.org/gmane.mail.exim.devel/8438
to address delivery segfaults.
3) And lastly, the version was 4.86_2, which was confusing CB and would have broken things in many areas, so I also made this change so it's 4.86.2 without the underscore:
Code:
--- src/version.sh.orig 2016-03-02 22:13:29.000000000 -0600
+++ src/version.sh 2016-03-02 22:11:50.000000000 -0600
@@ -1,4 +1,4 @@
# initial version automatically generated from release-process/scripts/mk_exim_release.pl
EXIM_RELEASE_VERSION=4.86
-EXIM_VARIANT_VERSION=_2
+EXIM_VARIANT_VERSION=.2
EXIM_COMPILE_NUMBER=0
Currently: 8e5044092f979d06ecd8f885cde13115
------
Related error message:
Code:
2016-03-03 20:12:09 WARNING: purging the environment.
Suggested action: use keep_environment and add_environment.
John