| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search | 
| Name: exim | Distribution: openSUSE Tumbleweed | 
| Version: 4.98.2 | Vendor: openSUSE | 
| Release: 4.1 | Build date: Thu Sep 25 16:48:37 2025 | 
| Group: Productivity/Networking/Email/Servers | Build host: reproducible | 
| Size: 3480174 | Source RPM: exim-4.98.2-4.1.src.rpm | 
| Packager: http://bugs.opensuse.org | |
| Url: https://www.exim.org/ | |
| Summary: The Exim Mail Transfer Agent, a Replacement for sendmail | |
Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style, it is similar to Smail 3, but its facilities are more extensive. In particular, it has options for verifying incoming sender and recipient addresses, for refusing mail from specified hosts, networks, or senders, and for controlling mail relaying.
GPL-2.0-or-later
* Thu Sep 25 2025 Wolfgang Engel <wolfgang.engel@suse.com>
  - Fix potential security issue with logfile rotation CVE-2025-53881 (bsc#1246457)
* Fri Jun 06 2025 Wolfgang Engel <wolfgang.engel@suse.com>
  - fix issues with permissions (bsc#1240755):
    * add su mail mail option to exim.logrotate
    * add %verify_permissions -e /var/spool/mail/
    * add trailing slash
      %set_permissions /var/spool/mail/
* Tue May 20 2025 Wolfgang Engel <wolfgang.engel@suse.com>
  - fix issues with permissions (bsc#1240755):
    * remove /usr/sbin/exim from permissions.exim file
    * add set_permissions entry for /var/spool/mail to spec file in
      post section
* Fri May 16 2025 Wolfgang Engel <wolfgang.engel@suse.com>
  - fix installation of permissions.exim file in /etc/permissions.d/ directory if
    suse_version is set (bsc#1240755)
* Thu Mar 27 2025 Alexander Bergmann <abergmann@suse.com>
  - security release 4.98.2 for CVE-2025-30232 (bsc#1239794)
    * Fixed use-after-free with potential for privilege escalation.
  - security release 4.98.1 for CVE-2025-26794 (bsc#1237424)
    * Fixed remote SQL injection when SQLite hints and ETRN serialization
      are used.
* Tue Mar 11 2025 Wolfgang Engel <wolfgang.engel@suse.com>
  - Adding directory /var/spool/mail/ to permissions file /etc/permissions.d/exim
    as required by rpmlint (bsc#123625)
* Mon Nov 18 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Own /srv/www which is no longer owned by the filesystem package.
* Mon Jul 15 2024 Dirk Müller <dmueller@suse.com>
  - update to 4.98 (bsc#1227423, CVE-2024-39929):
    * The dkim_status ACL condition may now be used in data ACLs
    * The dkim_verbose logging control also enables logging of signing
    * The dkim_timestamps signing option now accepts zero to include
      a current timestamp but no expiry timestamp.
    * The recipients_max main option is now expanded.
    * Setting variables for "exim -be" can set a tainted value.
    * A dns:fail event.
    * The dsearch lookup supports search for a sub-path.
    * Include mailtest utility for simple connection checking.
    * Add SMTP WELLKNOWN extension.
* Thu Feb 22 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Use %patch -P N instead of deprecated %patchN.
* Sat Dec 30 2023 Dirk Müller <dmueller@suse.com>
  - update to 4.97.1 (bsc#1218387, CVE-2023-51766):
    * Fixes for the smtp protocol smuggling (CVE-2023-51766)
* Tue Nov 07 2023 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - update to exim 4.97
    * remove patch-no-exit-on-rewrite-malformed-address.patch (upstreamed)
* Mon Oct 16 2023 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - security update to exim 4.96.2
    * fixes CVE-2023-42117 (bsc#1215787)
    * fixes CVE-2023-42119 (bsc#1215789)
* Mon Oct 02 2023 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - security update to exim 4.96.1
    * fixes CVE-2023-42114 (bsc#1215784)
    * fixes CVE-2023-42115 (bsc#1215785)
    * fixes CVE-2023-42116 (bsc#1215786)
* Tue Mar 28 2023 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - enable sender rewriting support (SUPPORT_SRS)
* Wed Jan 25 2023 Thorsten Kukuk <kukuk@suse.com>
  - Don't build the NIS module anymore, libnsl/NIS are deprecated
* Tue Oct 18 2022 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - add patch-cve-2022-3559 (fixes CVE-2022-3559, bsc#1204427, Bug 2915)
* Thu Sep 29 2022 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - add (patch-no-exit-on-rewrite-malformed-address.patch)
    Fix exit on attempt to rewrite a malformed address (Bug 2903)
* Tue Sep 06 2022 Ludwig Nussel <lnussel@suse.de>
  - Own /var/spool/mail (boo#1179574)
* Thu Sep 01 2022 Stefan Schubert <schubi@suse.com>
  - Migration to /usr/etc: Saving user changed configuration files
    in /etc and restoring them while an RPM update.
* Wed Jun 29 2022 Stefan Schubert <schubi@suse.com>
  - Moved logrotate files from user specific directory /etc/logrotate.d
    to vendor specific directory /usr/etc/logrotate.d.
* Mon Jun 27 2022 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - update to exim 4.96
    * Move from using the pcre library to pcre2.
    * Constification work in the filters module required a major version
      bump for the local-scan API.  Specifically, the "headers_charset"
      global which is visible via the API is now const and may therefore
      not be modified by local-scan code.
    * Bug 2819: speed up command-line messages being read in.  Previously a
      time check was being done for every character; replace that with one
      per buffer.
    * Bug 2815: Fix ALPN sent by server under OpenSSL.  Previously the string
      sent was prefixed with a length byte.
    * Change the SMTP feature name for pipelining connect to be compliant with
      RFC 5321.  Previously Dovecot (at least) would log errors during
      submission.
    * Fix macro-definition during "-be" expansion testing.  The move to
      write-protected store for macros had not accounted for these runtime
      additions; fix by removing this protection for "-be" mode.
    * Convert all uses of select() to poll().
    * Fix use of $sender_host_name in daemon process.  When used in certain
      main-section options or in a connect ACL, the value from the first ever
      connection was never replaced for subsequent connections.
    * Bug 2838: Fix for i32lp64 hard-align platforms
    * Bug 2845: Fix handling of tls_require_ciphers for OpenSSL when a value
      with underbars is given.
    * Bug 1895: TLS: Deprecate RFC 5114 Diffie-Hellman parameters.
    * Debugging initiated by an ACL control now continues through into routing
      and transport processes.
    * The "expand" debug selector now gives more detail, specifically on the
      result of expansion operators and items.
    * Bug 2751: Fix include_directory in redirect routers.  Previously a
      bad comparison between the option value and the name of the file to
      be included was done, and a mismatch was wrongly identified.
    * Support for Berkeley DB versions 1 and 2 is withdrawn.
    * When built with NDBM for hints DB's check for nonexistence of a name
      supplied as the db file-pair basename.
    * Remove the "allow_insecure_tainted_data" main config option and the
      "taint" log_selector.
    * Fix static address-list lookups to properly return the matched item.
      Previously only the domain part was returned.
    * The ${run} expansion item now expands its command string elements after
      splitting.  Previously it was before; the new ordering makes handling
      zero-length arguments simpler.
    * Taint-check exec arguments for transport-initiated external processes.
      Previously, tainted values could be used.  This affects "pipe", "lmtp" and
      "queryprogram" transport, transport-filter, and ETRN commands.
      The ${run} expansion is also affected: in "preexpand" mode no part of
      the command line may be tainted, in default mode the executable name
      may not be tainted.
    * Fix CHUNKING on a continued-transport.  Previously the usabilility of
      the facility was not passed across execs, and only the first message
      passed over a connection could use BDAT; any further ones using DATA.
    * Support the PIPECONNECT facility in the smtp transport when the helo_data
      uses $sending_ip_address and an interface is specified.
    * OpenSSL: fix transport-required OCSP stapling verification under session
      resumption.
    * TLS resumption: the key for session lookup in the client now includes
      more info that a server could potentially use in configuring a TLS
      session, avoiding oferring mismatching sessions to such a server.
    * Fix string_copyn() for limit greater than actual string length.
    * Bug 2886: GnuTLS: Do not free the cached creds on transport connection
      close; it may be needed for a subsequent connection.
    * Fix CHUNKING for a second message on a connection when the first was
      rejected.
    * Fix ${srs_encode ...} to handle an empty sender address, now returning
      an empty address.
    * Bug 2855: Handle a v4mapped sender address given us by a frontending
      proxy.
* Wed Jan 19 2022 Peter Wullinger <wullinger@rz.uni-kiel.de>
  - disable ProtectHome=, it prevents local delivery (bsc#1194810)
/etc/exim /etc/permissions.d/exim /usr/bin/mailq /usr/bin/newaliases /usr/bin/rsmtp /usr/bin/runq /usr/etc/logrotate.d/exim /usr/lib/sendmail /usr/lib/systemd/system/exim.service /usr/sbin/exicyclog /usr/sbin/exigrep /usr/sbin/exim /usr/sbin/exim_checkaccess /usr/sbin/exim_dbmbuild /usr/sbin/exim_dumpdb /usr/sbin/exim_fixdb /usr/sbin/exim_id_update /usr/sbin/exim_lock /usr/sbin/exim_msgdate /usr/sbin/exim_tidydb /usr/sbin/eximstats /usr/sbin/exinext /usr/sbin/exipick /usr/sbin/exiqgrep /usr/sbin/exiqsumm /usr/sbin/exiwhat /usr/sbin/rcexim /usr/sbin/sendmail /usr/share/apparmor /usr/share/apparmor/extra-profiles /usr/share/apparmor/extra-profiles/usr.sbin.exim /usr/share/doc/packages/exim /usr/share/doc/packages/exim/ACKNOWLEDGMENTS /usr/share/doc/packages/exim/CHANGES /usr/share/doc/packages/exim/NOTICE /usr/share/doc/packages/exim/README /usr/share/doc/packages/exim/README.UPDATING /usr/share/doc/packages/exim/configure.default /usr/share/doc/packages/exim/convert4r3 /usr/share/doc/packages/exim/convert4r4 /usr/share/doc/packages/exim/doc /usr/share/doc/packages/exim/doc/ChangeLog /usr/share/doc/packages/exim/doc/DANE-draft-notes /usr/share/doc/packages/exim/doc/Exim3.upgrade /usr/share/doc/packages/exim/doc/Exim4.upgrade /usr/share/doc/packages/exim/doc/GnuTLS-FAQ.txt.gz /usr/share/doc/packages/exim/doc/NewStuff /usr/share/doc/packages/exim/doc/OptionLists.txt.gz /usr/share/doc/packages/exim/doc/README /usr/share/doc/packages/exim/doc/README.SIEVE /usr/share/doc/packages/exim/doc/cve-2016-9663 /usr/share/doc/packages/exim/doc/cve-2019-13917 /usr/share/doc/packages/exim/doc/cve-2019-13917.rpmmoved /usr/share/doc/packages/exim/doc/cve-2019-15846 /usr/share/doc/packages/exim/doc/cve-2019-15846/cve.txt /usr/share/doc/packages/exim/doc/cve-2019-15846/mitre.mbx /usr/share/doc/packages/exim/doc/cve-2019-15846/posting-0.txt /usr/share/doc/packages/exim/doc/cve-2019-15846/posting-1.txt /usr/share/doc/packages/exim/doc/cve-2019-15846/posting-2.txt /usr/share/doc/packages/exim/doc/cve-2019-15846/qualys.mbx /usr/share/doc/packages/exim/doc/cve-2020-qualys /usr/share/doc/packages/exim/doc/cve-2023-51766 /usr/share/doc/packages/exim/doc/dbm.discuss.txt.gz /usr/share/doc/packages/exim/doc/experimental-spec.txt.gz /usr/share/doc/packages/exim/doc/filter.txt.gz /usr/share/doc/packages/exim/doc/id-wellknown.txt.gz /usr/share/doc/packages/exim/doc/openssl.txt.gz /usr/share/doc/packages/exim/doc/spec.txt.gz /usr/share/doc/packages/exim/util /usr/share/doc/packages/exim/util/.gitignore /usr/share/doc/packages/exim/util/README /usr/share/doc/packages/exim/util/chunking_fixqueue_finalnewlines.pl /usr/share/doc/packages/exim/util/cramtest.pl /usr/share/doc/packages/exim/util/gen_pkcs3.c /usr/share/doc/packages/exim/util/logargs.sh /usr/share/doc/packages/exim/util/mailtest /usr/share/doc/packages/exim/util/mkcdb.pl /usr/share/doc/packages/exim/util/ocsp_fetch.pl /usr/share/doc/packages/exim/util/proxy_protocol_client.pl /usr/share/doc/packages/exim/util/ratelimit.pl /usr/share/doc/packages/exim/util/renew-opendmarc-tlds.sh /usr/share/doc/packages/exim/util/unknownuser.sh /usr/share/fillup-templates/sysconfig.exim /usr/share/licenses/exim /usr/share/licenses/exim/LICENCE /usr/share/man/man8/exim.8.gz /usr/share/man/man8/exim_db.8.gz /usr/share/man/man8/exim_dumpdb.8.gz /usr/share/man/man8/exim_fixdb.8.gz /usr/share/man/man8/exim_tidydb.8.gz /usr/share/man/man8/eximstats.8.gz /usr/share/man/man8/mailq.8.gz /usr/share/man/man8/newaliases.8.gz /usr/share/man/man8/rsmtp.8.gz /usr/share/man/man8/runq.8.gz /usr/share/man/man8/sendmail.8.gz /var/log/exim /var/mail /var/spool/mail
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 17 22:54:09 2025