mail/exim: update 4.96 -> 4.96.1 to fix several CVEs

PR:	274235
MFH:	2023Q4

14 files changed, 6 insertions, 234 deletions

diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index 98565c95aa5a..358845ea8316 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	exim
 PORTVERSION?=	${EXIM_VERSION}
-PORTREVISION?=	1
+PORTREVISION?=	0
 CATEGORIES=	mail
 MASTER_SITES=	EXIM:exim
 MASTER_SITE_SUBDIR=	/exim4/:exim \
@@ -130,7 +130,7 @@ EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.c
 EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.conf
 .endif
 
-EXIM_VERSION=	4.96
+EXIM_VERSION=	4.96.1
 SA_EXIM_VERSION=4.2.1
 EXIM_INSTALL_ARG+=	"-no_chown" "-no_symlink"
 EXTRA_PATCHES+=	`${FIND} ${PATCHDIR} -name '74_*.patch'|${SORT} -h`
diff --git a/mail/exim/distinfo b/mail/exim/distinfo
index eb6b96ef513f..5536bcc2c9df 100644
--- a/mail/exim/distinfo
+++ b/mail/exim/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1681024359
-SHA256 (exim/exim-4.96.tar.bz2) = c7a413fec601cc44a8f5fe9e5b64cb24a7d133f3a4a976f33741d98ff0ec6b91
-SIZE (exim/exim-4.96.tar.bz2) = 2047632
+TIMESTAMP = 1696250210
+SHA256 (exim/exim-4.96.1.tar.bz2) = 26bbcd4f45483c7138912b4bd31022aee8abf8ac7cdff55839d7e2a9e4c60692
+SIZE (exim/exim-4.96.1.tar.bz2) = 2048927
 SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1
 SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933
diff --git a/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch b/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch
index bf0f64942d7d..42a2c237aa82 100644
--- a/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch
+++ b/mail/exim/files/debian/75_01-Fix-exit-on-attempt-to-rewrite-a-malformed-address.-.patch
@@ -4,7 +4,6 @@ Date: Tue, 12 Jul 2022 22:14:04 +0100
 Subject: [PATCH] Fix exit on attempt to rewrite a malformed address.  Bug 2903
 
 ---
- doc/ChangeLog        |   5 +
  src/rewrite.c            |   9 +-
  test/confs/0471              |   7 +
  test/log/0471                |   5 +
@@ -12,23 +11,6 @@ Subject: [PATCH] Fix exit on attempt to rewrite a malformed address.  Bug 2903
  test/stderr/0471             | 245 ++++++++++++++++++++++++++++++++++-
  6 files changed, 267 insertions(+), 8 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -1,9 +1,14 @@
- This document describes *changes* to previous versions, that might
- affect Exim's operation, with an unchanged configuration file.  For new
- options, and new features, see the NewStuff file next to this ChangeLog.
- 
-+JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
-+      Make the rewrite never match and keep the logging.  Trust the
-+      admin to be using verify=header-syntax (to actually reject the message).
-+
-+
- Exim version 4.96
- -----------------
- 
- JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
-       after reception to before a subsequent reception.  This should
 --- a/src/rewrite.c
 +++ b/src/rewrite.c
 @@ -493,19 +493,18 @@
diff --git a/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch b/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch
index 2429e9ff55b9..6dd55c1fe806 100644
--- a/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch
+++ b/mail/exim/files/debian/75_08-Fix-regex-n-use-after-free.-Bug-2915.patch
@@ -4,7 +4,6 @@ Date: Wed, 31 Aug 2022 15:37:40 +0100
 Subject: [PATCH] Fix $regex<n> use-after-free.  Bug 2915
 
 ---
- doc/ChangeLog           |  8 +++++++-
  src/exim.c                  |  4 +---
  src/expand.c                |  2 +-
  src/functions.h             |  1 +
@@ -13,31 +12,6 @@ Subject: [PATCH] Fix $regex<n> use-after-free.  Bug 2915
  src/smtp_in.c               |  2 ++
  7 files changed, 55 insertions(+), 17 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -4,15 +4,21 @@
- 
- JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
-       Make the rewrite never match and keep the logging.  Trust the
-       admin to be using verify=header-syntax (to actually reject the message).
- 
-+JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
-+      more than one message arrived in a single connection a reference from
-+      the earlier message could be re-used.  Often a sigsegv resulted.
-+      These variables were introduced in Exim 4.87.
-+      Debug help from Graeme Fowler.
-+
- 
- Exim version 4.96
- -----------------
- 
--JH/01 Move the wait-for-next-tick (needed for unique messmage IDs) from
-+JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
-       after reception to before a subsequent reception.  This should
-       mean slightly faster delivery, and also confirmation of reception
-       to senders.
- 
- JH/02 Move from using the pcre library to pcre2.  The former is no longer
 --- a/src/exim.c
 +++ b/src/exim.c
 @@ -1999,12 +1999,10 @@
diff --git a/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch b/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch
index ae2fa16f51ea..73b584dbef4d 100644
--- a/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch
+++ b/mail/exim/files/debian/75_16-GnuTLS-fix-for-clients-offering-no-TLS-extensions.patch
@@ -4,7 +4,6 @@ Date: Fri, 30 Sep 2022 13:49:41 +0100
 Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions
 
 ---
- doc/ChangeLog              |  3 +++
  src/tls-gnu.c                  |  3 ++-
  src/tls-openssl.c              | 39 +++++++++++++++---------------
  test/confs/2091                    |  1 +
@@ -17,23 +16,6 @@ Subject: [PATCH] GnuTLS: fix for clients offering no TLS extensions
  create mode 100644 test/scripts/2090-GnuTLS-ALPN/2091
  create mode 100644 test/stdout/2091
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -10,10 +10,14 @@
-       more than one message arrived in a single connection a reference from
-       the earlier message could be re-used.  Often a sigsegv resulted.
-       These variables were introduced in Exim 4.87.
-       Debug help from Graeme Fowler.
- 
-+JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
-+      Find and fix by Jasen Betts.
-+
-+
- 
- Exim version 4.96
- -----------------
- 
- JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
 --- a/src/tls-gnu.c
 +++ b/src/tls-gnu.c
 @@ -1130,12 +1130,13 @@
diff --git a/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch b/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch
index f261d621d67a..456f315236b1 100644
--- a/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch
+++ b/mail/exim/files/debian/75_18-Fix-Build-with-libopendmarc-1.4.x-fixes-2728.patch
@@ -4,28 +4,11 @@ Date: Sat, 15 Oct 2022 19:30:58 +0200
 Subject: [PATCH 1/2] Fix: Build with libopendmarc 1.4.x (fixes 2728)
 
 ---
- doc/ChangeLog     | 3 +++
  src/EDITME            | 7 +++++--
  src/config.h.defaults | 1 +
  src/dmarc.c           | 7 ++++++-
  4 files changed, 15 insertions(+), 3 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -13,10 +13,13 @@
-       Debug help from Graeme Fowler.
- 
- JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
-       Find and fix by Jasen Betts.
- 
-+HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
-+      API changes in libopendmarc.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/EDITME
 +++ b/src/EDITME
 @@ -600,18 +600,21 @@
diff --git a/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch b/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch
index 2a3434f8b0b1..412c39be28d7 100644
--- a/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch
+++ b/mail/exim/files/debian/75_22-Fix-daemon-startup.-Bug-2930.patch
@@ -5,27 +5,9 @@ Subject: [PATCH 1/2] Fix daemon startup.  Bug 2930
 
 Broken-by: 7d5055276a
 ---
- doc/ChangeLog | 4 ++++
  src/daemon.c      | 8 ++++++--
  2 files changed, 10 insertions(+), 2 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -16,10 +16,14 @@
-       Find and fix by Jasen Betts.
- 
- HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
-       API changes in libopendmarc.
- 
-+JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
-+      pid 1, in the normal "background daemon" mode, having to drop process-
-+      group leadership also lost track of needing to create listener sockets.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/daemon.c
 +++ b/src/daemon.c
 @@ -1744,19 +1744,23 @@
diff --git a/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch b/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch
index 1c98ef26083b..1db2ad0c9c99 100644
--- a/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch
+++ b/mail/exim/files/debian/75_23-Fix-reccipients-after-run.-.-Bug-2929.patch
@@ -5,26 +5,9 @@ Subject: [PATCH 2/2] Fix $reccipients after ${run...}.  Bug 2929
 
 Broken-by: cfe6acff2d
 ---
- doc/ChangeLog | 3 +++
  src/transport.c   | 3 ++-
  2 files changed, 5 insertions(+), 1 deletion(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -20,10 +20,13 @@
- 
- JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
-       pid 1, in the normal "background daemon" mode, having to drop process-
-       group leadership also lost track of needing to create listener sockets.
- 
-+JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
-+      resulted in the variable appearing empty.  Find and fix by Ruben Jenster.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/transport.c
 +++ b/src/transport.c
 @@ -2342,13 +2342,14 @@
diff --git a/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch b/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch
index bd250f2b7191..d12b1b246631 100644
--- a/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch
+++ b/mail/exim/files/debian/75_31-Fix-regext-substring-capture-variables-for-null-matc.patch
@@ -6,30 +6,11 @@ Subject: [PATCH 1/2] Fix regext substring capture variables for null matches.
 
 broken-by: 59d66fdc13f0
 ---
- doc/ChangeLog | 5 +++++
  src/exim.c        | 2 ++
  src/malware.c     | 3 +++
  src/regex.c       | 2 +-
  4 files changed, 11 insertions(+), 1 deletion(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -22,10 +22,15 @@
-       pid 1, in the normal "background daemon" mode, having to drop process-
-       group leadership also lost track of needing to create listener sockets.
- 
- JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
-       resulted in the variable appearing empty.  Find and fix by Ruben Jenster.
-+ 
-+JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
-+      a capture group which obtained no text (eg. "(abc)*" matching zero
-+      occurrences) could cause a segfault if the corresponding $<n> was
-+      expanded.
- 
- 
- 
- Exim version 4.96
- -----------------
 --- a/src/exim.c
 +++ b/src/exim.c
 @@ -167,10 +167,12 @@
diff --git a/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch b/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch
index 5992faca6eac..f5dbd7a3d356 100644
--- a/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch
+++ b/mail/exim/files/debian/75_50-Fix-logging-of-max-size-log-line.patch
@@ -5,7 +5,6 @@ Subject: [PATCH] Fix logging of max-size log line
 
 Broken-by: d12746bc15d8
 ---
- doc/ChangeLog        |  5 +++++
  src/log.c                |  7 ++++---
  test/confs/0633              | 21 ++++++++++++++++++++
  test/scripts/0000-Basic/0633 |  9 +++++++++
@@ -17,24 +16,6 @@ Broken-by: d12746bc15d8
  create mode 100644 test/stderr/0633
  create mode 100644 test/stdout/0633
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -28,10 +28,15 @@ JH/13 Bug 2929: Fix using $recipients af
- JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
-       a capture group which obtained no text (eg. "(abc)*" matching zero
-       occurrences) could cause a segfault if the corresponding $<n> was
-       expanded.
- 
-+JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
-+      was exactly sized compared to the log buffer, a crash occurred with the
-+      misleading message "bad memory reference; pool not found".
-+      Found and traced by Jasen Betts.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/log.c
 +++ b/src/log.c
 @@ -803,11 +803,11 @@ Returns:    nothing
diff --git a/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch b/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch
index bbbfbe9ef1e7..271ff90ab99a 100644
--- a/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch
+++ b/mail/exim/files/debian/75_55-Fix-recursion-on-dns_again_means_nonexist.-Bug-2911.patch
@@ -4,7 +4,6 @@ Date: Wed, 28 Dec 2022 19:39:06 +0000
 Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911
 
 ---
- doc/ChangeLog        |  8 +++++
  src/dns.c                | 12 ++++++++
  test/confs/2202              | 18 +++++++++--
  test/scripts/2200-dnsdb/2202 |  8 +++++
@@ -12,27 +11,6 @@ Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911
  test/stdout/2202             |  8 +++++
  6 files changed, 108 insertions(+), 4 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -33,10 +33,18 @@ JH/14 Bug 2933: Fix regex substring matc
- JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
-       was exactly sized compared to the log buffer, a crash occurred with the
-       misleading message "bad memory reference; pool not found".
-       Found and traced by Jasen Betts.
- 
-+JH/19 Bug 2911: Fix a recursion in DNS lookups.  Previously, if the main option
-+      dns_again_means_nonexist included an element causing a DNS lookup which
-+      iteslf returned DNS_AGAIN, unbounded recursion occurred.  Possible results
-+      included (though probably not limited to) a process crash from stack
-+      memory limit, or from excessive open files.  Replace this with a paniclog
-+      whine (as this is likely a configuration error), and returning
-+      DNS_NOMATCH.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/dns.c
 +++ b/src/dns.c
 @@ -799,10 +799,11 @@ int
diff --git a/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch b/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch
index da05ba9476a8..a34731a4a453 100644
--- a/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch
+++ b/mail/exim/files/debian/75_60-OpenSSL-fix-tls_eccurve-setting-explicit-curve-group.patch
@@ -5,7 +5,6 @@ Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group.  Bug
  2954
 
 ---
- doc/ChangeLog          |  4 +++
  src/tls-openssl.c          | 39 ++++++++++++++----------
  test/confs/2148                | 54 ++++++++++++++++++++++++++++++++++
  test/confs/2149                | 39 +++++++++++++-----------
@@ -23,23 +22,6 @@ Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group.  Bug
  create mode 100644 test/scripts/2100-OpenSSL/2148
  create mode 100644 test/stderr/2148
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -41,10 +41,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
-       included (though probably not limited to) a process crash from stack
-       memory limit, or from excessive open files.  Replace this with a paniclog
-       whine (as this is likely a configuration error), and returning
-       DNS_NOMATCH.
- 
-+JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
-+      this always failed, probably leading to the usual downgrade to in-clear
-+      connections.
-+
- 
- 
- Exim version 4.96
- -----------------
- 
 --- a/src/tls-openssl.c
 +++ b/src/tls-openssl.c
 @@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits)
diff --git a/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch b/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch
index 417ffa4eed8c..5d990eddfca6 100644
--- a/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch
+++ b/mail/exim/files/debian/75_64-DANE-do-not-check-dns_again_means_nonexist-for-TLSA-.patch
@@ -5,28 +5,10 @@ Subject: [PATCH 3/3] DANE: do not check dns_again_means_nonexist for TLSA
  results of TRY_AGAIN
 
 ---
- doc/doc-docbook/spec.xfpt |  7 ++++++-
- doc/ChangeLog     |  4 ++++
  src/dns.c             | 35 ++++++++++++++++++++++-------------
+ doc/doc-docbook/spec.xfpt |  7 ++++++-
  3 files changed, 32 insertions(+), 14 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -46,10 +46,14 @@ JH/19 Bug 2911: Fix a recursion in DNS l
- JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
-       this always failed, probably leading to the usual downgrade to in-clear
-       connections.
- 
- 
-+JH/20 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
-+      SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
-+      to not checking that list for these looks.
-+
- 
- Exim version 4.96
- -----------------
- 
- JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
 --- a/src/dns.c
 +++ b/src/dns.c
 @@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno
diff --git a/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch b/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch
index d776c8edf393..d65891fd9dbe 100644
--- a/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch
+++ b/mail/exim/files/debian/75_66-Fix-crash-in-expansions.patch
@@ -5,28 +5,10 @@ Subject: [PATCH] Fix crash in expansions
 
 Broken-by: 1058096b8c53
 ---
- doc/ChangeLog | 4 ++++
  src/expand.c      | 9 +++++----
  test/stderr/0630      | 1 +
  3 files changed, 10 insertions(+), 4 deletions(-)
 
---- a/doc/ChangeLog
-+++ b/doc/ChangeLog
-@@ -50,10 +50,14 @@ JH/20 Bug 2954: (OpenSSL) Fix setting of
- 
- JH/20 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
-       SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
-       to not checking that list for these looks.
- 
-+JH/23 Fix crash in string expansions. Previously, if an empty variable was
-+      immediately followed by an expansion operator, a null-indirection read
-+      was done, killing the process.
-+
- 
- Exim version 4.96
- -----------------
- 
- JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
 --- a/src/expand.c
 +++ b/src/expand.c
 @@ -4652,11 +4652,11 @@ while (*s)