Huge apologies, if I am posting this in the incorrect forum/channel.
I wonder if it would be possible (or if there are any plans) to create an exim-4.92.3+fixes package (taintwarn)?
We are actively looking at what we need to change to be able to operate with 4.94 (tainted features) but cannot implement quickly. (hence leaving us unpatched)
https://www.openwall.com/lists/oss-security/2021/05/04/6
In case you're running exim-4.92.3 currently and you do not see any
option in updating this to 4.94.2, you can try using the branch
exim-4.92.3+fixes. This branch contains the minimal set of backported
security patches, but isn't officially supported by the Exim project
and didn't get the same testing as the official release.
K
@tomato: I don't think this is planned for the EPEL exim package (please note I'm just a random Fedora contributor, not an Exim packager) but it should be pretty easy for you to create a COPR repo for yourself. I'm currently swamped with work so I can't offer this as a volunteer for free.
This update has been submitted for testing by jskarvad.
This update's test gating status has been changed to 'ignored'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
works on our servers
jskarvad edited this update.
jskarvad edited this update.
This update has been submitted for stable by jskarvad.
This update has been pushed to stable.
Huge apologies, if I am posting this in the incorrect forum/channel. I wonder if it would be possible (or if there are any plans) to create an exim-4.92.3+fixes package (taintwarn)? We are actively looking at what we need to change to be able to operate with 4.94 (tainted features) but cannot implement quickly. (hence leaving us unpatched)
https://www.openwall.com/lists/oss-security/2021/05/04/6 In case you're running exim-4.92.3 currently and you do not see any option in updating this to 4.94.2, you can try using the branch exim-4.92.3+fixes. This branch contains the minimal set of backported security patches, but isn't officially supported by the Exim project and didn't get the same testing as the official release. K
@tomato: I don't think this is planned for the EPEL exim package (please note I'm just a random Fedora contributor, not an Exim packager) but it should be pretty easy for you to create a COPR repo for yourself. I'm currently swamped with work so I can't offer this as a volunteer for free.