| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: eximon | Distribution: openSUSE Tumbleweed |
| Version: 4.98 | Vendor: openSUSE |
| Release: 2.1 | Build date: Mon Nov 18 14:11:39 2024 |
| Group: Productivity/Networking/Email/Servers | Build host: reproducible |
| Size: 144601 | Source RPM: exim-4.98-2.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.exim.org/ | |
| Summary: Eximon, an graphical frontend to administer Exim's mail queue | |
This allows administrators to view the exim agent's mail queue and logs, and perform a variety of actions on queued messages, such as freezing, bouncing and thawing messages, and even editing body and header of mails.
GPL-2.0-or-later
* Mon Nov 18 2024 Dominique Leuenberger <[email protected]>
- Own /srv/www which is no longer owned by the filesystem package.
* Mon Jul 15 2024 Dirk Müller <[email protected]>
- update to 4.98 (bsc#1227423, CVE-2024-39929):
* The dkim_status ACL condition may now be used in data ACLs
* The dkim_verbose logging control also enables logging of signing
* The dkim_timestamps signing option now accepts zero to include
a current timestamp but no expiry timestamp.
* The recipients_max main option is now expanded.
* Setting variables for "exim -be" can set a tainted value.
* A dns:fail event.
* The dsearch lookup supports search for a sub-path.
* Include mailtest utility for simple connection checking.
* Add SMTP WELLKNOWN extension.
* Thu Feb 22 2024 Dominique Leuenberger <[email protected]>
- Use %patch -P N instead of deprecated %patchN.
* Sat Dec 30 2023 Dirk Müller <[email protected]>
- update to 4.97.1 (bsc#1218387, CVE-2023-51766):
* Fixes for the smtp protocol smuggling (CVE-2023-51766)
* Tue Nov 07 2023 Peter Wullinger <[email protected]>
- update to exim 4.97
* remove patch-no-exit-on-rewrite-malformed-address.patch (upstreamed)
* Mon Oct 16 2023 Peter Wullinger <[email protected]>
- security update to exim 4.96.2
* fixes CVE-2023-42117 (bsc#1215787)
* fixes CVE-2023-42119 (bsc#1215789)
* Mon Oct 02 2023 Peter Wullinger <[email protected]>
- security update to exim 4.96.1
* fixes CVE-2023-42114 (bsc#1215784)
* fixes CVE-2023-42115 (bsc#1215785)
* fixes CVE-2023-42116 (bsc#1215786)
* Tue Mar 28 2023 Peter Wullinger <[email protected]>
- enable sender rewriting support (SUPPORT_SRS)
* Wed Jan 25 2023 Thorsten Kukuk <[email protected]>
- Don't build the NIS module anymore, libnsl/NIS are deprecated
* Tue Oct 18 2022 Peter Wullinger <[email protected]>
- add patch-cve-2022-3559 (fixes CVE-2022-3559, bsc#1204427, Bug 2915)
* Thu Sep 29 2022 Peter Wullinger <[email protected]>
- add (patch-no-exit-on-rewrite-malformed-address.patch)
Fix exit on attempt to rewrite a malformed address (Bug 2903)
* Tue Sep 06 2022 Ludwig Nussel <[email protected]>
- Own /var/spool/mail (boo#1179574)
* Thu Sep 01 2022 Stefan Schubert <[email protected]>
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
* Wed Jun 29 2022 Stefan Schubert <[email protected]>
- Moved logrotate files from user specific directory /etc/logrotate.d
to vendor specific directory /usr/etc/logrotate.d.
* Mon Jun 27 2022 Peter Wullinger <[email protected]>
- update to exim 4.96
* Move from using the pcre library to pcre2.
* Constification work in the filters module required a major version
bump for the local-scan API. Specifically, the "headers_charset"
global which is visible via the API is now const and may therefore
not be modified by local-scan code.
* Bug 2819: speed up command-line messages being read in. Previously a
time check was being done for every character; replace that with one
per buffer.
* Bug 2815: Fix ALPN sent by server under OpenSSL. Previously the string
sent was prefixed with a length byte.
* Change the SMTP feature name for pipelining connect to be compliant with
RFC 5321. Previously Dovecot (at least) would log errors during
submission.
* Fix macro-definition during "-be" expansion testing. The move to
write-protected store for macros had not accounted for these runtime
additions; fix by removing this protection for "-be" mode.
* Convert all uses of select() to poll().
* Fix use of $sender_host_name in daemon process. When used in certain
main-section options or in a connect ACL, the value from the first ever
connection was never replaced for subsequent connections.
* Bug 2838: Fix for i32lp64 hard-align platforms
* Bug 2845: Fix handling of tls_require_ciphers for OpenSSL when a value
with underbars is given.
* Bug 1895: TLS: Deprecate RFC 5114 Diffie-Hellman parameters.
* Debugging initiated by an ACL control now continues through into routing
and transport processes.
* The "expand" debug selector now gives more detail, specifically on the
result of expansion operators and items.
* Bug 2751: Fix include_directory in redirect routers. Previously a
bad comparison between the option value and the name of the file to
be included was done, and a mismatch was wrongly identified.
* Support for Berkeley DB versions 1 and 2 is withdrawn.
* When built with NDBM for hints DB's check for nonexistence of a name
supplied as the db file-pair basename.
* Remove the "allow_insecure_tainted_data" main config option and the
"taint" log_selector.
* Fix static address-list lookups to properly return the matched item.
Previously only the domain part was returned.
* The ${run} expansion item now expands its command string elements after
splitting. Previously it was before; the new ordering makes handling
zero-length arguments simpler.
* Taint-check exec arguments for transport-initiated external processes.
Previously, tainted values could be used. This affects "pipe", "lmtp" and
"queryprogram" transport, transport-filter, and ETRN commands.
The ${run} expansion is also affected: in "preexpand" mode no part of
the command line may be tainted, in default mode the executable name
may not be tainted.
* Fix CHUNKING on a continued-transport. Previously the usabilility of
the facility was not passed across execs, and only the first message
passed over a connection could use BDAT; any further ones using DATA.
* Support the PIPECONNECT facility in the smtp transport when the helo_data
uses $sending_ip_address and an interface is specified.
* OpenSSL: fix transport-required OCSP stapling verification under session
resumption.
* TLS resumption: the key for session lookup in the client now includes
more info that a server could potentially use in configuring a TLS
session, avoiding oferring mismatching sessions to such a server.
* Fix string_copyn() for limit greater than actual string length.
* Bug 2886: GnuTLS: Do not free the cached creds on transport connection
close; it may be needed for a subsequent connection.
* Fix CHUNKING for a second message on a connection when the first was
rejected.
* Fix ${srs_encode ...} to handle an empty sender address, now returning
an empty address.
* Bug 2855: Handle a v4mapped sender address given us by a frontending
proxy.
* Wed Jan 19 2022 Peter Wullinger <[email protected]>
- disable ProtectHome=, it prevents local delivery (bsc#1194810)
* Wed Sep 29 2021 Peter Wullinger <[email protected]>
- update to exim 4.95
* includes taintwarn (taintwarn.patch)
* fast-ramp queue run
* native SRS
* TLS resumption
* LMDB lookups with single key
* smtp transport option "message_linelength_limit"
* optionally ignore lookup caches
* quota checking for appendfile transport during message reception
* sqlite lookups allow a "file=<path>" option
* lsearch lookups allow a "ret=full" option
* command line option for the notifier socket
* faster TLS startup
* new main config option "proxy_protocol_timeout"
* expand "smtp_accept_max_per_connection"
* log selector "queue_size_exclusive"
* main config option "smtp_backlog_monitor"
* main config option "hosts_require_helo"
* main config option "allow_insecure_tainted_data"
* Tue Sep 14 2021 Johannes Segitz <[email protected]>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* exim.service
* Thu Jul 08 2021 Steve Kowalik <[email protected]>
- Update eximstats-html-update.py to run under Python 3.
* Mon May 17 2021 [email protected]
- add exim-4.94.2+fixes and taintwarn patches (taintwarn.patch)
* Tue May 04 2021 [email protected]
- update to exim-4.94.2
security update (bsc#1185631)
* CVE-2020-28007: Link attack in Exim's log directory
* CVE-2020-28008: Assorted attacks in Exim's spool directory
* CVE-2020-28014: Arbitrary PID file creation
* CVE-2020-28011: Heap buffer overflow in queue_run()
* CVE-2020-28010: Heap out-of-bounds write in main()
* CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
* CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
* CVE-2020-28015: New-line injection into spool header file (local)
* CVE-2020-28012: Missing close-on-exec flag for privileged pipe
* CVE-2020-28009: Integer overflow in get_stdinput()
* CVE-2020-28017: Integer overflow in receive_add_recipient()
* CVE-2020-28020: Integer overflow in receive_msg()
* CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
* CVE-2020-28021: New-line injection into spool header file (remote)
* CVE-2020-28022: Heap out-of-bounds read and write in extract_option()
* CVE-2020-28026: Line truncation and injection in spool_read_header()
* CVE-2020-28019: Failure to reset function pointer after BDAT error
* CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
* CVE-2020-28018: Use-after-free in tls-openssl.c
* CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
* Wed Apr 28 2021 [email protected]
- update to exim-4.94.1
* Fix security issue in BDAT state confusion.
Ensure we reset known-good where we know we need to not be reading BDAT
data, as a general case fix, and move the places where we switch to BDAT
mode until after various protocol state checks.
Fixes CVE-2020-BDATA reported by Qualys.
* Fix security issue in SMTP verb option parsing (CVE-2020-EXOPT)
* Fix security issue with too many recipients on a message (to remove a
known security problem if someone does set recipients_max to unlimited,
or if local additions add to the recipient list).
Fixes CVE-2020-RCPTL reported by Qualys.
* Fix CVE-2020-28016 (PFPZA): Heap out-of-bounds write in parse_fix_phrase()
* Fix security issue CVE-2020-PFPSN and guard against cmdline invoker
providing a particularly obnoxious sender full name.
* Fix Linux security issue CVE-2020-SLCWD and guard against PATH_MAX
better.
/usr/bin/eximon /usr/bin/eximon.bin
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Dec 3 00:04:39 2024