Fixes CVE-2014-2972 - prevent double expansion in math comparison
functions (can expand unsanitized data).
Also rename patches according to patch naming policy.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The current implementation causes troubles with the autobuilders when they
set BR2_PACKAGE_EXIM_CUSTOM_CONFIG=y, because in these cases
BR2_PACKAGE_EXIM_CUSTOM_CONFIG_FILE is empty, and this is a configuration
error.
Solve the problem by entirely reomving the BR2_PACKAGE_EXIM_CUSTOM_CONFIG
boolean knob. Activation of the custon configuration file is now detected by
the fact that BR2_PACKAGE_EXIM_CUSTOM_CONFIG_FILE is non-empty.
Fixes:
http://autobuild.buildroot.org/results/0db/0db54c555f6c7e635ebf99f86b3f91dc31e441f0/
[Thomas: slightly improve commit log.]
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: bernd.kuhls@t-online.de
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
exim has lots of options configurable before the build process. It's not
useful to have all of them exposed in Buildroot, yet users may need to tweak
them.
Allow the user to pass an entire configuration file to make exim totally
reconfigurable without bloating the Buildroot menus.
[Thomas: remove "for exim" from Config.in options prompts.]
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bump exim to get an urgent security fix.
We should not be impacted, since we're not building with DMARC (where
the flaw is), but better safe than sorry.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Acked-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes http://autobuild.buildroot.net/results/0a3/0a392087878f80a70435981856455a30152b684d/
When building static, we need to tell exim that it needs to link
statically (obviously), and that it should link against pthreads.
Yet, exim is still not happy with that, as it still wants to build
something (a version-related program) at install time, so we need
to replicate the ld flags at install time.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Buildroot currently ships a very minimal build configuration file for exim,
which disables most optional features. This is not coherent with the runtime
configuration file, taken verbatim from the exim distribution, which enables
some of these features.
The visible symptom is an error during boot that prevents exim from starting:
Exim configuration error in line 541 of /etc/exim/configure:
router dnslookup: cannot find router driver "dnslookup"
In order to fix this problem, we change the way exim is configured at build
time. Instead of blindly copying a minimal Buildroot-provided configuration
file, we now copy the exim-provided one and then tweak it to change the needed
options. This actually makes the configuration closer to standard exim.
As the amount of tweaking is remarkable, we also define a few macros to make
it easier and more readable.
This new approach was suggested by Bernd Kuhls.
Reported-By: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas:
- use $(INSTALL) instead of install
- add AR and RANLIB variables in the local makefiles, so that the
cross toolchain ar and ranlib utilities are used instead of the
native ones.
- move the init script initialization to the EXIM_INSTALL_INIT_SYSV
variable.
- Use parenthesis instead of curly braces to reference TARGET_DIR.]
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>