exim: security bump to version 4.86.2

Fixes:
CVE-2016-1531 - All installations having Exim set-uid root and using
'perl_startup' are vulnerable to a local privilege escalation. Any user
who can start an instance of Exim (and this is normally *any* user) can
gain root privileges. If you do not use 'perl_startup' you *should* be
safe.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/exim/exim.hash b/package/exim/exim.hash
index 0c0d7976079616bde324bd016e61b03f35e4c7e7..8f4338be9bd7e8301e544e9fbf76be5d57d53951 100644 (file)
--- a/package/exim/exim.hash
+++ b/package/exim/exim.hash
@@ -1,2 +1,2 @@
-# From https://lists.exim.org/lurker/message/20150726.143052.f70a32f0.en.html
-sha256 f1ccf2ce2ea51b7fbbf160e7e0e41d24ca401cf44a185128ad99ea04635fc456        exim-4.86.tar.bz2
+# Locally calculated after checking pgp signature
+sha256 7756deafd0583776e091f2efcba9b36203e668cf420d8876f314980803636eb3        exim-4.86.2.tar.bz2

diff --git a/package/exim/exim.mk b/package/exim/exim.mk
index 62267b7e6c4c49216ab92b6d43d00d2f65598bf7..6a6bb7c3aaf097a1e2c813581527f89308155375 100644 (file)
--- a/package/exim/exim.mk
+++ b/package/exim/exim.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-EXIM_VERSION = 4.86
+EXIM_VERSION = 4.86.2
 EXIM_SOURCE = exim-$(EXIM_VERSION).tar.bz2
 EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4
 EXIM_LICENSE = GPLv2+