summaryrefslogtreecommitdiffstats
path: root/debian/patches/73_05-Fix-tainted-message-for-fakereject.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 09:44:08 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 09:44:08 +0000
commit933bbaf3ed7bd659a5c044745aea763815928598 (patch)
tree6fe3906ff9f7121999800da3683c206d128b7d39 /debian/patches/73_05-Fix-tainted-message-for-fakereject.patch
parentAdding upstream version 4.94.2. (diff)
downloadexim4-debian.tar.xz
exim4-debian.zip
Adding debian version 4.94.2-7+deb11u2.debian/4.94.2-7+deb11u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--debian/patches/73_05-Fix-tainted-message-for-fakereject.patch44
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/patches/73_05-Fix-tainted-message-for-fakereject.patch b/debian/patches/73_05-Fix-tainted-message-for-fakereject.patch
new file mode 100644
index 0000000..a152417
--- /dev/null
+++ b/debian/patches/73_05-Fix-tainted-message-for-fakereject.patch
@@ -0,0 +1,44 @@
+From c819f3bcad02bcb06004ae2ad135b68fab0ae888 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Wed, 7 Jul 2021 22:19:07 +0100
+Subject: [PATCH 5/5] Fix tainted message for fakereject
+
+(cherry picked from commit a9ac2d7fc219e41a353abf1f599258b9b9d21b7e)
+---
+ doc/ChangeLog | 4 ++++
+ src/acl.c | 4 +++-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/doc/ChangeLog b/doc/ChangeLog
+index e60c1cad5..3e93f653f 100644
+--- a/doc/ChangeLog
++++ b/doc/ChangeLog
+@@ -227,6 +227,10 @@ JH/53 Bug 2743: fix immediate-delivery via named queue. Previously this would
+ fail with a taint-check on the spoolfile name, and leave the message
+ queued.
+
++JH/57 Fix control=fakreject for a custom message containing tainted data.
++ Previously this resulted in a log complaint, due to a re-expansion present
++ since fakereject was originally introduced.
++
+
+ Exim version 4.94
+ -----------------
+diff --git a/src/acl.c b/src/acl.c
+index 7061230b4..65324405c 100644
+--- a/src/acl.c
++++ b/src/acl.c
+@@ -3137,7 +3137,9 @@ for (; cb; cb = cb->next)
+ {
+ const uschar *pp = p + 1;
+ while (*pp) pp++;
+- fake_response_text = expand_string(string_copyn(p+1, pp-p-1));
++ /* The entire control= line was expanded at top so no need to expand
++ the part after the / */
++ fake_response_text = string_copyn(p+1, pp-p-1);
+ p = pp;
+ }
+ else /* Explicitly reset to default string */
+--
+2.30.2
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-04 22:56:10 +0000