80cfab8fde
Fixes CVE-2014-2972 - prevent double expansion in math comparison functions (can expand unsanitized data). Also rename patches according to patch naming policy. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
41 lines
1.5 KiB
Diff
41 lines
1.5 KiB
Diff
The exim install script installs a binary named exim-<version>, plus a symlink
|
|
to it named exim.
|
|
In order to achieve this "feature" (of dubious usefulness) it runs the
|
|
executable (on the host) and then filters its output to grab the version number.
|
|
This clearly cannot work if the executable is cross-compiled, so get rid of all
|
|
of it and just install an executable file called exim.
|
|
|
|
Inspired by:
|
|
http://patch-tracker.debian.org/patch/series/view/exim4/4.76-2/35_install.dpatch
|
|
|
|
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
|
|
---
|
|
scripts/exim_install | 7 +++++--
|
|
1 files changed, 5 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/scripts/exim_install b/scripts/exim_install
|
|
index e68e7d5..487a4e1 100755
|
|
--- a/scripts/exim_install
|
|
+++ b/scripts/exim_install
|
|
@@ -59,6 +59,8 @@ while [ $# -gt 0 ] ; do
|
|
shift
|
|
done
|
|
|
|
+do_symlink=no
|
|
+
|
|
# Get the values of BIN_DIRECTORY, CONFIGURE_FILE, INFO_DIRECTORY, NO_SYMLINK,
|
|
# SYSTEM_ALIASES_FILE, and EXE from the global Makefile (in the build
|
|
# directory). EXE is empty except in the Cygwin environment. In each case, keep
|
|
@@ -218,8 +220,9 @@ while [ $# -gt 0 ]; do
|
|
# The exim binary is handled specially
|
|
|
|
if [ $name = exim${EXE} ]; then
|
|
- version=exim-`./exim -bV -C /dev/null | \
|
|
- awk '/Exim version/ { OFS=""; print $3,"-",substr($4,2,length($4)-1) }'`${EXE}
|
|
+ version=exim
|
|
+# version=exim-`./exim -bV -C /dev/null | \
|
|
+# awk '/Exim version/ { OFS=""; print $3,"-",substr($4,2,length($4)-1) }'`${EXE}
|
|
|
|
if [ "${version}" = "exim-${EXE}" ]; then
|
|
echo $com ""
|