Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian....@packages.debian.org
Usertags: pu
Hi Stable release managers,
The recent DSA had a defective backported patch applied for the
wheezy-security upload. Apologies it slept trough on the review, so I
propose the attached debdiff to fix this in wheezy via the last point
release (the issue is not severe enought to do a follow up DSA).
Fine with that upload?
Regards,
Salvatore
diff -Nru exim4-4.80/debian/changelog exim4-4.80/debian/changelog
--- exim4-4.80/debian/changelog 2016-03-13 18:46:32.000000000 +0100
+++ exim4-4.80/debian/changelog 2016-03-14 21:02:22.000000000 +0100
@@ -1,3 +1,11 @@
+exim4 (4.80-7+deb7u3) wheezy; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix defect in 89_02_Store-the-initial-working-directory.diff patch.
+ Thanks to Marc Deslauriers
+
+ -- Salvatore Bonaccorso <car...@debian.org> Mon, 14 Mar 2016 21:01:47 +0100
+
exim4 (4.80-7+deb7u2) wheezy-security; urgency=high
* 88_CVE-2016-1531.diff:
diff -Nru exim4-4.80/debian/patches/89_02_Store-the-initial-working-directory.diff exim4-4.80/debian/patches/89_02_Store-the-initial-working-directory.diff
--- exim4-4.80/debian/patches/89_02_Store-the-initial-working-directory.diff 2016-03-13 18:46:32.000000000 +0100
+++ exim4-4.80/debian/patches/89_02_Store-the-initial-working-directory.diff 2016-03-14 21:02:22.000000000 +0100
@@ -28,13 +28,13 @@
readconf_main();
if (cleanup_environment() == FALSE)
-@@ -3698,8 +3705,10 @@ if (((debug_selector & D_any) != 0 || (l
+@@ -3698,8 +3705,9 @@ if (((debug_selector & D_any) != 0 || (l
{
int i;
uschar *p = big_buffer;
- Ustrcpy(p, "cwd=");
- (void)getcwd(CS p+4, big_buffer_size - 4);
-+
+- (void)getcwd(CS p+4, big_buffer_size - 4);
++ Ustrcpy(p, "cwd= (failed)");
+ Ustrncpy(p + 4, initial_cwd, big_buffer_size-5);
+
while (*p) p++;
