[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3747-1] exim4 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3747-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 25, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : exim4
CVE ID         : CVE-2016-9963

Bjoern Jacke discovered that Exim, Debian's default mail transfer agent,
may leak the private DKIM signing key to the log files if specific
configuration options are met.

For the stable distribution (jessie), this problem has been fixed in
version 4.84.2-2+deb8u2.

We recommend that you upgrade your exim4 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlhfmnRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S/6g//d3G+FQmsnEt1qpErwSceamJ4XuuRjkMbMHChowO/E8dieCUr0LUW0Okp
gVMEe/GL/K8jxf4LbixNaoETsRNtZRs4tW3i6Ge6ggAqLNEpeKJPoscDOC/RvTw+
5iRjul0cQE1fezQq4DLa/WZYldeuHQakMwGkn7Fu8DNHiCCIIl9RF49UF6R7sjEL
hHmVQsVzTaAnQnRGN0N0f4Ad6u3OVyLrEABocGDGO8hNu/uqI08gyaLXK6HvbIlu
67GUJq6b4qqs/hXRymKyimAYDx6KSHtek6dZkUshxedROQF+Q9oF5dRipycUMLYh
WLG6QbDvDxZBUU4Ew3Xt54i9NqO+Vf3jXi4I5ZVQx/aXrBo29hf69CYbO+bUFx0y
w9YGpgE2cU/WFqX+S6btCzxEpZgqTrdujb2SvxKWhuAlhKHnozghnQRK1hSwEjdW
wto6CAmnYm3jIy8ifhinPrthopHPAE0waay0v+CE+tUDcLBSFGbGK9NMjp8qp9l1
EEevzxXfJm/N4k7v89F1Bl4oBiy702AhfZG5wDRZYpw4XPRxENf6lgUln5O7cEn3
3498QxCQ8l/eqW2xy7x/JOjoi8tk3rB2m0wwwZSLvFvQTPfbMEfSk6SdEurpcGjH
iLktbxbQ0L6N4goEL5dIZc+LHq9ZBdd7ZrPlLhupGxTZQ+aLaiQ=
=tbGY
-----END PGP SIGNATURE-----


Reply to: