Back to exim4 PTS page

Accepted exim4 4.97-3 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted exim4 4.97-3 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 25 Dec 2023 07:04:04 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: exim4_4.97-3_multi.changes
Debian-source: exim4
Debian-suite: unstable
Debian-version: 4.97-3
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=F7Nw8mYzSuJHZyuUYOcAjWf6zB8q+7d8hNuSgjiTsDc=; b=hrroqVOdWpgKxp2hcx/fzuCR6j dkYdE6I7irW4lRIeXYGLMV1u4o5+bxVJ5vwCohLjkWse+XC65g7QR8TUIF3I2BDveTsLI544j0B1T kL6DYu1uW9thOEQcKAyrLe8Qpjo3nLjESobtcN5OuC9OJDzTXNZsEvC7KCuSBm4XMk7BlTw5umbUX IU6Zl6V4mS8KFOHz24NqcyJ26pXl/Nn2CsRlmf9tJd3OWaODvbw+DifGNODzhXQfhZAwoUdslvJGo 92MLNzItPcO8xWWF4yauYejnjIDTIxdvvJETsEI163hPEncW99qAxssEKKEFJgcJcxEmR9tUh1QL6 h4OHPLrw==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1rHf0O-00DnAw-IG@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 Dec 2023 07:50:16 +0100
Source: exim4
Architecture: source
Version: 4.97-3
Distribution: unstable
Urgency: medium
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 1059387
Changes:
 exim4 (4.97-3) unstable; urgency=medium
 .
   * Fixes from upstream GIT master:
     77_01-Reject-dot-LF-as-ending-data-phase.-Bug-3063.patch
     77_02-Use-enum-for-body-data-input-state-machine.patch
     77_03-Reject-dot-LF-as-ending-data-phase-pt.-2-.-Bug-3063.patch
     + Enforce a data synch check before emitting the 354 "go ahead".
       Previously this was only done if a pre-data ACL was configured.
     + Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
       LF-only mode (as detected from the first header line).  Previously we
       did accept that in (normal) CRLF mode; this has been raised as a
       possible attack scenario (under the name "smtp smuggling").
     Closes: #1059387 CVE-2023-51766
Checksums-Sha1: 
 efbbd99c913bfee9faae73178c66d40f19eb082c 2911 exim4_4.97-3.dsc
 937c4f79150345006725543c0886893714da38b7 473384 exim4_4.97-3.debian.tar.xz
Checksums-Sha256: 
 6b96dd15c02b37a991b794a8cca10c40306960a429f81e0e9e01eade1e15b522 2911 exim4_4.97-3.dsc
 f9ae0a29683c13eb946438ca144217099fb3b13f14de22247b3d08d5c9a18f76 473384 exim4_4.97-3.debian.tar.xz
Files: 
 1eb914ca7b17ec4bba3f98e2726711ae 2911 mail standard exim4_4.97-3.dsc
 06bc9d31722a2cfa4aefe11b38105887 473384 mail standard exim4_4.97-3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmWJJnIACgkQpU8BhUOC
FIQO+Q/9Gn/9/CldIBv/HxgqQrKk2460LAfl+mPe66kNTsLOulrUl6l+xfkC9HZd
swbH/qT58AL/000zf+x5PrUUo1vqMAbnXAli+cvT/aR6to3VQ72U/RWbjddQTPzL
mvliG3KANuhK0kWsLvIZgJftMTMGpnY6dujU7UyofnzKJ6wKcCtLaY1kxs5BWU/D
B1oQGEoYGELImRpp3qzZ9QE+UT+Wm+Gz6ZyNCmfdko6FG++m/QmE1+6vMSE1NFmI
zHHhPnS0P3srk7VSLa7tphWNLYS5vypwLTTqRy/iKfBjL3SBJjdJsRMsacUusjJo
QpxJUv3j90tasuuSWvjLvwBhxI1UJRmpWgkPe/IhF+rbmZ9grk62+BHqVqbiI+Px
diTGjqcmic6Ds2JbovNl837lO+zLgJYkVIqyBFelLjhZsoBGK+Qc2SUH03Q0iobH
S9vhgHNQwW+Wy8oYKF/d0lIjUTEaqzh1+fTejWLa/S0nwnknqlguifGK4BxiUSW2
t5QWeNnJEPd7hv+f1Sot8Sw8FJI677IEKHuQxRFxoT+XXe3JWT+tvIdeYF8gD8XB
1UVg2x3gkokPB/i7yMJ5sO5Q2/nYgnIDrtbIad7UwLGmtRKhsznJg8NaOYF2ZTjx
9AbONHu4WhQqJyJlzniVBNb26aXO0J5GNcxWkm3U6S18iDbZ5Js=
=WxeR
-----END PGP SIGNATURE-----