Accepted exim4 4.96-15+deb12u3 (source) into proposed-updates

[Debian FTP Masters <ftpmaster@ftp-master.debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Nov 2023 11:07:57 +0100
Source: exim4
Architecture: source
Version: 4.96-15+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 1043233 1053310
Changes:
 exim4 (4.96-15+deb12u3) bookworm; urgency=medium
 .
   * Multiple bugfixes from upstream GIT master:
     + 75_74-Cancel-early-pipe-on-an-observed-advertising-change.patch
     + 75_76-Expansions-disallow-UTF-16-surrogates-from-utf8clean.patch
       (Upstream bug 2998)
     + 75_77-GnuTLS-fix-crash-with-tls_dhparam-none.patch
     + 75_79-Fix-recipients-expansion-when-used-within-run.-.-Bug.patch
       (Upstream bug 3013)
     + 75_82-GnuTLS-fix-autogen-cert-expiry-date.-Bug-3014.patch: Fix on-demand
       TLS cert expiry date. Closes: #1043233
       (Upstream bug 3014)
     + 75_83-Re-fix-live-variable-value-free.-The-inital-fix-resu.patch
     + 76-10-Fix-tr.-and-empty-strings.-Bug-3023.patch ((Upstream bug 3023)
     + 76-12-DNS-more-hardening-against-crafted-responses.patch
     + 76-14-Lookups-Fix-dnsdb-lookup-of-multi-chunk-TXT.-Bug-305.patch Fix
       regression in dnsdb in CVE-2023-42119 fix. (Upstream bug 3054)
   * tests/basic: Add isolation-container restriction (needs a running
     exim daemon).
   * Add ${run } expansion test to tests/basic.
   * Update code to 4.96.2, fixing issues with the proxy protocol
     (CVE-2023-42117) and the `dnsdb` lookup subsystem (CVE-2023-42119). It
     also includes additional hardening for spf lookups, however CVE-2023-42118
     was diagnosed as a vulnerability in the libspf2 library and needs to be
     addressed there. Closes: #1053310
Checksums-Sha1: 
 c4722b686b96b895692a5109dfe3dcd4e1369ca4 2923 exim4_4.96-15+deb12u3.dsc
 c7e3725a4404d90894dc99a33d53b9c293d3ff54 504024 exim4_4.96-15+deb12u3.debian.tar.xz
Checksums-Sha256: 
 0da9eaee8acd75eb4eaf5577b3e84bd5cc7a6294cb83587f0880c89691790306 2923 exim4_4.96-15+deb12u3.dsc
 a8f7a4d81c826b37305f4afb7d271c7bc152dd1e93cb3211ab779f1e3948f6ae 504024 exim4_4.96-15+deb12u3.debian.tar.xz
Files: 
 20d9c1c596af9964a53c47ea3a015d3d 2923 mail standard exim4_4.96-15+deb12u3.dsc
 cd75904806abbe66032b45c63204f9e1 504024 mail standard exim4_4.96-15+deb12u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmVZ4x0ACgkQpU8BhUOC
FITXBw//aSMq9kgiX3WrsK38H47wP0AV4Mh0BM1NB3ptlnKRo9xFaqVsoh3ag6zh
YLbuuef1LKHPv/ZXRT7ut5ZRAMAo/cAfZjqIl9a/8KYStqgRWtNqfQn02uYVYEUm
Cdtry+xo9zfYQ1q93srkGiFmN803mNhbXTtvW25CKM65SnS7TQR36aUXDVPX3mmZ
zcoLROmpfHDeqZqwlJO8m6XYq0gXQEvMT4+9qHEJalsw4puQ2QRTFRaHeHJM62Yv
f4GxjJbmlAafDREw6swZkRAskFKHzIDO1by5YtC5GMf0QIPZWjSOjAdfK0hm56Ef
1zg4nmcOt94WS9I91ibAVWxbSdUVigmvBOGjZx5KbFfbU9mhdnnPXUVX3CJZCrMI
Nm/XMCt2cNEJ/M6QkFIC2AkMwbpGMxkuTrAd9FITW/PBr9EIa8uaizDLUxxqu5G9
P+qWIGRJLvqoKWvN4K7rGfnYw1YduAbVKZULV5mQ1DbMc/digI+99W7l2aVhKnhY
0zu+x75dRZc9Az3mPwxczkqS0XCtFZXhPfcaS1fZ3kuZmh/Bl0t9dhO20mQYs4eI
u7n/ARpmEJqCMb21a/fNCkvwepQBiQnJlIzfblA6+Qrl52CAZvHpwn4K8O+t+ULQ
0B+3rcYOg6s2wq0phH5r44LpMvmzd516Y4a/o1Pn9F5kGcGWEHk=
=6nFZ
-----END PGP SIGNATURE-----