From owner-freebsd-security@freebsd.org  Fri May  7 15:41:59 2021
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 056F0632E54
 for <freebsd-security@mailman.nyi.freebsd.org>;
 Fri,  7 May 2021 15:41:59 +0000 (UTC)
 (envelope-from cli_junkie@protonmail.com)
Received: from mail-40141.protonmail.ch (mail-40141.protonmail.ch
 [185.70.40.141])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "protonmail.com",
 Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4FcF794FP7z4mQW
 for <freebsd-security@freebsd.org>; Fri,  7 May 2021 15:41:57 +0000 (UTC)
 (envelope-from cli_junkie@protonmail.com)
Date: Fri, 07 May 2021 15:41:50 +0000
To: Gordon Tetlow <gordon@tetlows.org>
From: P <cli_junkie@protonmail.com>
Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>,
 "fluffy@freebsd.org" <fluffy@freebsd.org>
Reply-To: P <cli_junkie@protonmail.com>
Subject: Re: Exim security release
Message-ID: <QuXJgvXv7Mi7Rz9wcZK5ye3kF5sKon2qXeGyxoqnGImXh-Gqj9--gdny5UbwGzcDebaz48ukxipt30U9CNRwrpaRnUVhVLD2EreeTtV-3iI=@protonmail.com>
In-Reply-To: <CAKghNw2er1QJ6UC0pRowYDMe9WGF_GF8RNCDtS3AswhrO4rSqg@mail.gmail.com>
References: <gzVndqiBfjy4fTzTwzgfMV0rNsqDmIUfjA-Lh0Yz6V8LBCfBGWZ0HaEzCAVjp4BmJlGrVGPb-HOiOMJ5dWxwaY2AlbQ6v0kC59KbxM8lkuI=@protonmail.com>
 <CAKghNw2er1QJ6UC0pRowYDMe9WGF_GF8RNCDtS3AswhrO4rSqg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM shortcircuit=no
 autolearn=disabled version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 mailout.protonmail.ch
X-Rspamd-Queue-Id: 4FcF794FP7z4mQW
X-Spamd-Bar: --
X-Spamd-Result: default: False [-2.21 / 15.00];
 HAS_REPLYTO(0.00)[cli_junkie@protonmail.com];
 TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[];
 FREEMAIL_FROM(0.00)[protonmail.com];
 R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24];
 DKIM_TRACE(0.00)[protonmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine];
 RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[protonmail.com];
 ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH];
 MID_RHS_MATCH_FROM(0.00)[];
 RCVD_IN_DNSWL_LOW(-0.10)[185.70.40.141:from]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail];
 REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[3]; NEURAL_SPAM_SHORT(0.89)[0.891];
 NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain];
 FREEMAIL_REPLYTO(0.00)[protonmail.com];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RWL_MAILSPIKE_VERYGOOD(0.00)[185.70.40.141:from];
 MAILMAN_DEST(0.00)[freebsd-security]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 May 2021 15:41:59 -0000

=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90
On Thursday, May 6, 2021 2:41 AM, Gordon Tetlow <gordon@tetlows.org> wrote:

> The port maintainer (CC'd) has already included an update for the new
> Exim release. It should be available in the port system already. Pkg's
> are usually built a couple of times a week.
>
> Gordon

Thank you for taking the time to reply, and apologies for my delay in
getting back to this.

I was looking here [0] and saw the last activity still points to the
+fixes branch of November 2020, which is what prompted my question. If
you don't mind, where did you see the included update so I know where
to look the next time.

I also did pkg update yesterday, including exim-postgresql. exim -bV
now shows v4.94.2 which seems to match the patched version from the
Exim mailing list. But not sure how to confirm that either.

Appreciate the help!
P

[0]
https://svnweb.FreeBSD.org/ports/head/mail/exim

>
> On Wed, May 5, 2021 at 7:02 PM Patrick via freebsd-security
> freebsd-security@freebsd.org wrote:
>
> > Hello, and apologies if this is not the right place to be asking this
> > question.
> > A major security release was announced yesterday by the Exim dev team
> > [0]. I see some Linux distros have already released patched versions of
> > Exim in their package repos. Is there any chance the FreeBSD Exim port
> > will be updated to reflect these patches?
> > Thanks,
> > P
> > [0]
> > https://lists.exim.org/lurker/message/20210504.134007.ce022df3.en.html
> >
> > freebsd-security@freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-security
> > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.=
org"