svn commit: r362549 - in head/mail: exim exim-doc-html
Vsevolod Stakhov
vsevolod at FreeBSD.org
Tue Jul 22 15:39:46 UTC 2014
Author: vsevolod
Date: Tue Jul 22 15:39:44 2014
New Revision: 362549
URL: http://svnweb.freebsd.org/changeset/ports/362549
QAT: https://qat.redports.org/buildarchive/r362549/
Log:
Update to 4.83.
Changes in the port:
- Added new options:
* DNSSEC: validate peers using TLSA records
* PRDR: Per-Recipient-Data-Response support
* CERTNAMES: Check certiticates ownership
* DSN: Delivery Status Notifications
* PROXY: Experimental Proxy Protocol
- Enable OCSP stapling by default
- Disable NIS by default
- SRS support is now radio group
- DNSSEC and PRDR are now enabled by default
Changes in exim itself:
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
Uncompatible changes:
This release of Exim includes one incompatible fix: the behavior of
expansion of arguments to math comparison functions (<, <=, =, =>, >)
was unexpected, expanding the values twice. This fix also addresses a
security advisory, CVE-2014-2972. This is not a remote exploit, but if
content that is searched by the above math comparison functions is under
the control of an attacker, specially crafted data can be inserted that
will cause the Exim mail server to perform various file-system functions
as the exim user.
Modified:
head/mail/exim-doc-html/Makefile
head/mail/exim-doc-html/distinfo
head/mail/exim/Makefile
head/mail/exim/distinfo
head/mail/exim/options
Modified: head/mail/exim-doc-html/Makefile
==============================================================================
--- head/mail/exim-doc-html/Makefile Tue Jul 22 15:25:13 2014 (r362548)
+++ head/mail/exim-doc-html/Makefile Tue Jul 22 15:39:44 2014 (r362549)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= exim
-PORTVERSION= 4.82.1
+PORTVERSION= 4.83
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_EXIM:S/$/:exim/}
MASTER_SITE_SUBDIR= exim4/:exim
Modified: head/mail/exim-doc-html/distinfo
==============================================================================
--- head/mail/exim-doc-html/distinfo Tue Jul 22 15:25:13 2014 (r362548)
+++ head/mail/exim-doc-html/distinfo Tue Jul 22 15:39:44 2014 (r362549)
@@ -1,6 +1,6 @@
-SHA256 (exim/exim-html-4.82.1.tar.bz2) = 81d0237cff64b259d47c758d5c82da93bd2e7b8ce048974d53d90e597eee122e
-SIZE (exim/exim-html-4.82.1.tar.bz2) = 458569
-SHA256 (exim/exim-pdf-4.82.1.tar.bz2) = 2e3705504f22633a14d417ffcb72c6beddc2f142e38ff4f01394b83ae583ff42
-SIZE (exim/exim-pdf-4.82.1.tar.bz2) = 1835284
-SHA256 (exim/exim-postscript-4.82.1.tar.bz2) = f9c69153b1da3ef854c73ac98ec5bcef842438c5630819bc2287dec869bd039d
-SIZE (exim/exim-postscript-4.82.1.tar.bz2) = 1008574
+SHA256 (exim/exim-html-4.83.tar.bz2) = d7b38922f2aedd9eb4db7aa0e1e1c0fcd948777a4c8bac7971eaf4b2959bf0de
+SIZE (exim/exim-html-4.83.tar.bz2) = 464789
+SHA256 (exim/exim-pdf-4.83.tar.bz2) = 478fca2c13fbda403fb0c373dc61e82aa434e7167c0341f24b83195afd294b82
+SIZE (exim/exim-pdf-4.83.tar.bz2) = 1856787
+SHA256 (exim/exim-postscript-4.83.tar.bz2) = 7f8ef825a832debdab54173bfb4e86acaaa6eb139a64e8b87a785183354375cf
+SIZE (exim/exim-postscript-4.83.tar.bz2) = 1019858
Modified: head/mail/exim/Makefile
==============================================================================
--- head/mail/exim/Makefile Tue Jul 22 15:25:13 2014 (r362548)
+++ head/mail/exim/Makefile Tue Jul 22 15:39:44 2014 (r362549)
@@ -3,7 +3,6 @@
PORTNAME= exim
PORTVERSION?= ${EXIM_VERSION}
-PORTREVISION= 7
CATEGORIES= mail ipv6
MASTER_SITES= ${MASTER_SITE_EXIM:S/$/:exim/}
MASTER_SITE_SUBDIR= exim4/:exim
@@ -75,7 +74,7 @@ IGNORE= You cannot enable OCSP stapling
.endif
# DMARC implies SPF
-.if ${PORT_OPTIONS:MOCSP}
+.if ${PORT_OPTIONS:MDMARC}
.if ! ${PORT_OPTIONS:MSPF} || ! ${PORT_OPTIONS:MDKIM}
IGNORE= You cannot enable DMARC without SPF and DKIM support
.endif
@@ -93,7 +92,7 @@ MASTER_SITES+= ftp://ftp.renatasystems.o
DISTFILES+= spamooborona1024-src-${SO_1024_VERSION}.tar.gz:so_1024
.endif
-EXIM_VERSION= 4.82.1
+EXIM_VERSION= 4.83
SA_EXIM_VERSION=4.2
SO_1024_VERSION=3.2
EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink"
@@ -199,8 +198,28 @@ SEDLIST+= -e 's,^\# (EXPAND_LISTMATCH_RH
SEDLIST+= -e 's,^\# (EXPERIMENTAL_DCC=),\1,'
.endif
-.if ${PORT_OPTIONS:MOCSP}
-SEDLIST+= -e 's,^\# (EXPERIMENTAL_OCSP=),\1,'
+.if ${PORT_OPTIONS:MPROXY}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_PROXY=),\1,'
+.endif
+
+.if ${PORT_OPTIONS:MCERTNAMES}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_CERTNAMES=),\1,'
+.endif
+
+.if ${PORT_OPTIONS:MDSN}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_DSN=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MPRDR}
+SEDLIST+= -e 's,^\# (DISABLE_PRDR=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MOCSP}
+SEDLIST+= -e 's,^\# (DISABLE_OCSP=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MDNSSEC}
+SEDLIST+= -e 's,^\# (DISABLE_DNSSEC=),\1,'
.endif
.if ${PORT_OPTIONS:MDMARC}
@@ -210,7 +229,6 @@ SEDLIST+= -e 's,XX_DMARC_LIBS_XX,-L${LOC
SEDLIST+= -e 's,XX_DMARC_LIBS_XX,,'
.endif
-
.if ${PORT_OPTIONS:MWISHLIST}
EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name 'wishlist-*.patch'`
.endif
Modified: head/mail/exim/distinfo
==============================================================================
--- head/mail/exim/distinfo Tue Jul 22 15:25:13 2014 (r362548)
+++ head/mail/exim/distinfo Tue Jul 22 15:39:44 2014 (r362549)
@@ -1,5 +1,5 @@
-SHA256 (exim/exim-4.82.1.tar.bz2) = 51798cead70b9ca03df88afb63f7a0cabedee8ef82c02bd18d67591c08b14500
-SIZE (exim/exim-4.82.1.tar.bz2) = 1722912
+SHA256 (exim/exim-4.83.tar.bz2) = efa031b89ffb2ab844a4bf9d3a5d7ca4d587d82b62ae233d68c4f26e079a6a02
+SIZE (exim/exim-4.83.tar.bz2) = 1761169
SHA256 (exim/sa-exim-4.2.tar.gz) = 72e0a735547f18b05785e6c58a71d24623858f0f5234a5dc0e24cb453999e99a
SIZE (exim/sa-exim-4.2.tar.gz) = 66575
SHA256 (exim/spamooborona1024-src-3.2.tar.gz) = ab22a430f3860460045f6b213c68c89700a0cd10cbb6c7a808ece326c53787ee
Modified: head/mail/exim/options
==============================================================================
--- head/mail/exim/options Tue Jul 22 15:25:13 2014 (r362548)
+++ head/mail/exim/options Tue Jul 22 15:39:44 2014 (r362549)
@@ -1,11 +1,10 @@
OPTIONS_DEFINE+= ALT_CONFIG_PREFIX \
CONTENT_SCAN \
DAEMON \
- DCC \
DEBUG \
DISABLE_D_OPT \
DKIM \
- DMARC \
+ DNSSEC \
DOCS \
EMBEDDED_PERL \
EXIMON \
@@ -13,12 +12,11 @@ OPTIONS_DEFINE+= ALT_CONFIG_PREFIX \
IPV6 \
LISTMATCH_RHS \
LMTP \
+ NIS \
OCSP \
OLD_DEMIME \
+ PRDR \
READLINE \
- SPF \
- SRS \
- SRS_ALT \
SUID \
TCP_WRAPPERS \
WISHLIST \
@@ -33,6 +31,7 @@ OPTIONS_DEFAULT+= AUTH_CRAM_MD5 \
DISABLE_D_OPT \
DKIM \
DNSDB \
+ DNSSEC \
DSEARCH \
EMBEDDED_PERL \
ICONV \
@@ -41,10 +40,11 @@ OPTIONS_DEFAULT+= AUTH_CRAM_MD5 \
MAILDIR \
MAILSTORE \
MBX \
- NIS \
+ OCSP \
OLD_DEMIME \
PAM \
PASSWD \
+ PRDR \
SUID \
TLS
@@ -52,7 +52,9 @@ OPTIONS_RADIO_TLS= TLS GNUTLS
TLS_DESC= TLS support
OPTIONS_RADIO_LS= SA_EXIM SO_1024 KAS
LS_DESC= Local scan patch
-OPTIONS_RADIO= TLS LS
+OPTIONS_RADIO_SRSR= SRS SRS_ALT
+SRSR_DESC= Sender Rewriting Scheme
+OPTIONS_RADIO= TLS LS SRSR
OPTIONS_GROUP_AUTH= AUTH_CRAM_MD5 AUTH_DOVECOT AUTH_PLAINTEXT AUTH_RADIUS AUTH_SASL AUTH_SPA SASLAUTHD PAM PASSWD
AUTH_DESC= SMTP Authorization
@@ -60,7 +62,9 @@ OPTIONS_GROUP_LOOKUP= CDB BDB DNSDB DSEA
LOOKUP_DESC= Lookup support
OPTIONS_GROUP_STORAGE= MAILDIR MAILSTORE MBX
STORAGE_DESC= Supported storage formats
-OPTIONS_GROUP= AUTH LOOKUP STORAGE
+OPTIONS_GROUP_EXPERIMENTAL= CERTNAMES DCC DMARC DSN PROXY SPF
+EXPERIMENTAL_DESC= Experimental options
+OPTIONS_GROUP= AUTH LOOKUP STORAGE EXPERIMENTAL
ALT_CONFIG_PREFIX_DESC= Restrict the set of configuration files
AUTH_CRAM_MD5_DESC= Enable CRAM-MD5 authentication mechanisms
@@ -69,6 +73,8 @@ AUTH_PLAINTEXT_DESC= Enable plaintext au
AUTH_RADIUS_DESC= Enable radius (RFC 2865) authentication
AUTH_SASL_DESC= Enable use of Cyrus SASL auth library
AUTH_SPA_DESC= Enable Secure Password Authentication
+CERTNAMES_DESC= Check certiticates ownership
+DSN_DESC= Enable Delivery Status Notifications
BDB_DESC= Enable Berkeley DB lookups
CDB_DESC= Enable CDB-style lookups
CONTENT_SCAN_DESC= Enable exiscan email content scanner
@@ -78,6 +84,7 @@ DISABLE_D_OPT_DESC= Disable macros overr
DKIM_DESC= Enable support for DKIM
DMARC_DESC= Enable DMARC support
DNSDB_DESC= Enable DNS-style lookups
+DNSSEC_DESC= Enable DNSSEC validation
DSEARCH_DESC= Enable directory-list lookups
EMBEDDED_PERL_DESC= Enable embedded Perl interpreter
EXIMON_DESC= Build eximon monitor (requires X libraries)
@@ -97,8 +104,10 @@ OCSP_DESC= Enable OCSP stapling
PAM_DESC= Enable PAM authentication mechanisms
PASSWD_DESC= Enable /etc/passwd lookups
PGSQL_DESC= Enable postgresql lookups
+PRDR_DESC= Enable Per-Recipient-Data-Response support
+PROXY_DESC= Enable Experimental Proxy Protocol
READLINE_DESC= Enable readline(3) library
-REDIS_DESC= Enable redis lookups
+REDIS_DESC= Enable redis lookups (experimental)
SASLAUTHD_DESC= Enable use of Cyrus SASL auth daemon
SA_EXIM_DESC= Build with Spamassassin local scan
SO_1024_DESC= Build with Spamooborona-1024 local scan
More information about the svn-ports-all
mailing list