[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1001-1] exim4 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : exim4
Version        : 4.80-7+deb7u5
CVE ID         : CVE-2017-1000369

Exim supports the use of multiple "-p" command line arguments which are
malloc()'ed and never free()'ed, used in conjunction with other issues allows
attackers to cause arbitrary code execution.

For Debian 7 "Wheezy", these problems have been fixed in version
4.80-7+deb7u5.

We recommend that you upgrade your exim4 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAllPD+sACgkQ+COicpiD
yXzf7w//Zr2yuuRVRGuQIx+OyEjBT7p+DALs54UbbCjOXVDYmbvl+CcNxu7cxPZt
kbksx4hii5JtOWrQaIFOL9wyo4O3kpneWpbDL/EplFBqkfZvcgdYhqQjFtQuHwq+
oEUIVdyxZTRpyP3pExcmDmrSXGE9T5uBDXKVpt8FikvAXMgaIdfbXFV/xatkqVXM
vJRJup7cu8geJgxUz0dQ7uillRBVqpAU972xNx0yMswJV8D3zaF5SGUOWQ39zHfH
G/pvshELwhPv4QXCUP2Xqek0ljk3TxiNcNINDhvwCoBvWd+SRDl6d4PnsIzWD4lz
BQh4fprWg3b8XpXZFDu/5zqjt7sP5eSd+7FxP6x11o8hb4T0FlfZG1l/75I9hJXf
yLj+h1FaTIzi9ixjGGHHLA5ZQBnWjI/Qv60yFYPssCZtCTDDPhIHknTKpXWjVicA
KhCAmV101Wwm/O54Si3nVefGqsfdDzknJU4vspv7X+R6n6ApYFXc1a3EDfCgKS3N
X9Myha7IvCjGCOi25ssiSd4w+Ulx9ixA7NWJqYFOL0h45zYq6Un0oQZro1ZVYksH
oNc1WNXwHsEaFciQeAV3yxaDzJtZc7tdzJ3xwmUMwtOcCRJBut6sCiOGx1AlOj/t
/G2bLTMqNmb/qQd3k/bw4PV6peU5yhKhU7S2IXGTRGJXIxawU7g=
=Xj8m
-----END PGP SIGNATURE-----


Reply to: