1 files changed, 57 insertions, 0 deletions

diff --git a/debian/patches/84_27-testsuite-adjustments-for-CVE-2020-28014-CVE-2021-27.patch b/debian/patches/84_27-testsuite-adjustments-for-CVE-2020-28014-CVE-2021-27.patch
new file mode 100644
index 0000000..d0dc071
--- /dev/null
+++ b/debian/patches/84_27-testsuite-adjustments-for-CVE-2020-28014-CVE-2021-27.patch
@@ -0,0 +1,57 @@
+From 47a48ed569503d8730bafcfd0f96d27cb72c9454 Mon Sep 17 00:00:00 2001
+From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Date: Sat, 1 May 2021 11:21:22 +0200
+Subject: [PATCH 27/29] testsuite: adjustments for CVE-2020-28014,
+ CVE-2021-27216 (Arbitrary PID file creation)
+
+---
+ src/daemon.c | 32 --------------------------------
+ test/stderr/0433 | 24 ------------------------
+ 2 files changed, 56 deletions(-)
+
+diff --git a/src/daemon.c b/src/daemon.c
+index 9403472f3..7c15d148c 100644
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1044,38 +1044,6 @@ exim_exit(EXIT_SUCCESS, US"");
+ }
+ 
+ 
+-/* Called by the daemon; exec a child to get the pid file deleted
+-since we may require privs for the containing directory */
+-
+-static void
+-daemon_die(void)
+-{
+-int pid;
+-
+-DEBUG(D_any) debug_printf("SIGTERM/SIGINT seen\n");
+-#if defined(SUPPORT_TLS) && (defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT))
+-tls_watch_invalidate();
+-#endif
+-
+-if (f.running_in_test_harness || write_pid)
+-  {
+-  if ((pid = fork()) == 0)
+-    {
+-    if (override_pid_file_path)
+-      (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, 3,
+-	"-oP", override_pid_file_path, "-oPX");
+-    else
+-      (void)child_exec_exim(CEE_EXEC_PANIC, FALSE, NULL, FALSE, 1, "-oPX");
+-
+-    /* Control never returns here. */
+-    }
+-  if (pid > 0)
+-    child_close(pid, 1);
+-  }
+-exim_exit(EXIT_SUCCESS, US"");
+-}
+-
+-
+ 
+ /*************************************************
+ *              Exim Daemon Mainline              *
+-- 
+2.30.2
+