!16 fix CVE-2023-51766

From: @technology208 Reviewed-by: @zhuchunyi Signed-off-by: @zhuchunyi
2024-07-11 06:06:44 +00:00 · 2024-07-11 06:06:44 +00:00 · abd6f479cb
commit abd6f479cb
parent cfaae149d9 30204cf3d4
2 changed files with 34 additions and 3 deletions
--- a/CVE-2023-51766.patch
+++ b/CVE-2023-51766.patch
@ -0,0 +1,28 @@
 From 06a6f188c5fd423e787146f992e5a97f2476de91 Mon Sep 17 00:00:00 2001
 From: Jeremy Harris <jgh146exb@wizmail.org>
 Date: Tue, 9 Jul 2024 11:23:21 +0800
 Subject: [PATCH] Reject "dot, LF" as ending data phase. Bug 3063
 ---
 src/smtp_in.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 diff --git a/src/smtp_in.c b/src/smtp_in.c
 index eb9c7e6..215a4c7 100644
 --- a/src/smtp_in.c
 +++ b/src/smtp_in.c
@@ -5110,7 +5110,10 @@ while (done <= 0)
 	dummy call to get the DATA command sent. */
 	if (!acl_smtp_predata && cutthrough.cctx.sock < 0)
 -	  rc = OK;
 +    {
 +         if (!check_sync()) goto SYNC_FAILURE;
 +          rc = OK;
 +    }
 	else
 	  {
 	  uschar * acl = acl_smtp_predata ? acl_smtp_predata : US"accept";
 -- 
 2.27.0
--- a/exim.spec
+++ b/exim.spec
@ -4,7 +4,7 @@
 Summary:          The exim mail transfer agent
 Name:             exim
 Version:          4.97.1
-Release:          1
+Release:          2
 License:          GPLv2+
 Url:              https://www.exim.org/
@ -39,7 +39,7 @@ Patch0:           exim-4.97-config.patch
 Patch1:           exim-4.94-libdir.patch
 Patch2:           exim-4.97-dlopen-localscan.patch
 Patch3:           exim-4.96-pic.patch
-
+Patch4:           CVE-2023-51766.patch
 Requires:         /etc/pki/tls/certs /etc/pki/tls/private
 Requires:         setup
@ -480,6 +480,9 @@ fi
 %{_sysconfdir}/cron.daily/greylist-tidy.sh
 %changelog
 * Tue Jul  9 2024 technology208 <technology@208suo.com> - 4.97-2
 - Fix CVE-2023-51766
 * Sun Feb 4 2024 zhuchao <tom_toworld@163.com> - 4.97.1-1
 - DESC:upgrade to 4.97.1 to resolve the CVE-2023-51766