Richard Jones via Exim-users <exim-users@???> (Do 12 Sep 2019 14:36:41 CEST):
> On Sep 12, Heiko Schlittermann via Exim-users wrote
> > If you're out of luck, either upgrade your Debian system to a recent
> > one, or prepare to compile Exim on your own. (This is not as hard as it
> > seems, but you have to care about further updates manually).
>
> I don't suppose anyone has magical instructions on how to do this for
> exim4-daemon-heavy?
If you only want to backport the CVE patch, this should be simple, if
you're experience somewhat in re-building Debian packages.
From my mind:
# cd $WORKSPACE
apt source exim4-daemon-heavy
apt install build-depends exim4-daemon-heavy
# chdir into to the new created exim-<version> directory
# apply the patch (it is a one liner in src/string.c)
# edit debian/changelog # there exist tools for doing it, like dch
# take care to create a new incremented
# version not conflicting with further
# versions from Upstream
dpkg-buildpackage -uc -us # rebuild, do not sign anything
cd ..
Be happy with your fresh created *deb files
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
