diff options
| author |  Bernd Kuhls <bernd.kuhls@t-online.de> | 2019-07-28 10:50:47 +0200 |
|---|---|---|
| committer |  Thomas Petazzoni <thomas.petazzoni@bootlin.com> | 2019-07-28 12:24:27 +0200 |
| commit | 1d3fe88d084410b0ba55e9ae0ceef19351bbcf99 (patch) | |
| tree | 1de9c34004ffc22d6e5165e2a8ec3eac70d9810b /package/exim/exim.mk | |
| parent | d4ec3c15961254c1ab92ef67898a64b652ebede0 (diff) | |
| download | buildroot-1d3fe88d084410b0ba55e9ae0ceef19351bbcf99.tar.gz buildroot-1d3fe88d084410b0ba55e9ae0ceef19351bbcf99.tar.bz2 | |
package/exim: security bump to version 4.92.1
Fixes CVE-2019-13917:
http://www.exim.org/static/doc/security/CVE-2019-13917.txt
https://github.com/Exim/exim/commit/d185889f47b9b27088e777f7d382295c51271586
added new code to "Prebuild the data structure for builtin macros".
This function needs a host-built binary called macro_predef, it depends
on host-berkeleydb, host-pcre and optionally on host-openssl.
With an openssl-enabled exim the host build of macro_predef will fail
if host-openssl is missing:
/usr/bin/gcc -DMACRO_PREDEF macro_predef.c
In file included from hash.h:14,
from exim.h:485,
from macro_predef.c:11:
sha_ver.h:37:12: fatal error: openssl/ssl.h: No such file or directory
because macro_predef also has the an optional dependency on openssl:
https://github.com/Exim/exim/blob/exim-4.92%2Bfixes/src/src/macro_predef.c#L130
Removed patches applied upstream:
0004: https://github.com/Exim/exim/commit/98913c8ea2be5188dd22ec652da1182017e8edb7
0005: https://github.com/Exim/exim/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1
0007: https://github.com/Exim/exim/commit/7ea1237c783e380d7bdb86c90b13d8203c7ecf26#diff-58af16fe62ea674adf1730edc078d175R6243
Added patch to fix uClibc build.
Added license hash, switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Diffstat (limited to 'package/exim/exim.mk')
| -rw-r--r-- | package/exim/exim.mk | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/package/exim/exim.mk b/package/exim/exim.mk index bde2df1153..577f22b366 100644 --- a/package/exim/exim.mk +++ b/package/exim/exim.mk @@ -4,12 +4,12 @@ # ################################################################################ -EXIM_VERSION = 4.89.1 +EXIM_VERSION = 4.92.1 EXIM_SOURCE = exim-$(EXIM_VERSION).tar.xz -EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4 +EXIM_SITE = https://ftp.exim.org/pub/exim/exim4 EXIM_LICENSE = GPL-2.0+ EXIM_LICENSE_FILES = LICENCE -EXIM_DEPENDENCIES = pcre berkeleydb host-pkgconf +EXIM_DEPENDENCIES = host-berkeleydb host-pcre pcre berkeleydb host-pkgconf # Modify a variable value. It must already exist in the file, either # commented or not. @@ -65,7 +65,7 @@ endef endif ifeq ($(BR2_PACKAGE_OPENSSL),y) -EXIM_DEPENDENCIES += openssl +EXIM_DEPENDENCIES += host-openssl openssl define EXIM_USE_DEFAULT_CONFIG_FILE_OPENSSL $(call exim-config-change,SUPPORT_TLS,yes) $(call exim-config-change,USE_OPENSSL_PC,openssl) @@ -111,9 +111,17 @@ ifeq ($(BR2_STATIC_LIBS),y) EXIM_STATIC_FLAGS = LFLAGS="-pthread --static" endif +# We need the host version of macro_predef during the build, before +# building it we need to prepare the makefile. # "The -j (parallel) flag must not be used with make" # (http://www.exim.org/exim-html-current/doc/html/spec_html/ch04.html) define EXIM_BUILD_CMDS + $(TARGET_MAKE_ENV) build=br $(MAKE1) -C $(@D) makefile + $(HOST_MAKE_ENV) $(MAKE1) -C $(@D)/build-br macro_predef \ + CC=$(HOSTCC) \ + LNCC=$(HOSTCC) \ + CFLAGS="$(HOST_CFLAGS)" \ + LFLAGS="-fPIC $(HOST_LDFLAGS)" $(TARGET_MAKE_ENV) build=br $(MAKE1) -C $(@D) $(EXIM_STATIC_FLAGS) endef |