Cheers,
Andy
-- 
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce@???
https://lists.bitfolk.com/mailman/listinfo/announce
Date: Fri, 26 Oct 2012 12:54:15 +0000
From: Andy Smith <andy@???>
Subject: Re: [bitfolk] Another Exim remote code execution exploit
Hi,
On Fri, Oct 26, 2012 at 12:49:21PM +0000, Andy Smith wrote:
> It's time to check if you need to update Exim:
>
> https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
>
> If you run Debian and Exim—which I know is lots of you—then you do need to.
On Debian, package version 4.72-6+squeeze3 has the fix:
exim4 (4.72-6+squeeze3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * CVE-2012-5671: Fix heap-based buffer overflow in DKIM handling.

-- Nico Golde <nion@???> Thu, 25 Oct 2012 08:43:03 +0000
Cheers,
Andy
-- 
http://bitfolk.com/ -- No-nonsense VPS hosting
From: Alan Pope <alan@???>
Date: Fri, 26 Oct 2012 15:02:32 +0200
Subject: Re: [bitfolk] Another Exim remote code execution exploit
On 26 October 2012 14:54, Andy Smith <andy@???> wrote:
> Hi,
>
> On Fri, Oct 26, 2012 at 12:49:21PM +0000, Andy Smith wrote:
>> It's time to check if you need to update Exim:
>>
>> https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
>>
>> If you run Debian and Exim—which I know is lots of you—then you do need to.
>
> On Debian, package version 4.72-6+squeeze3 has the fix:
>
> exim4 (4.72-6+squeeze3) stable-security; urgency=high
>
> * Non-maintainer upload by the Security Team.
> * CVE-2012-5671: Fix heap-based buffer overflow in DKIM handling.
>
> -- Nico Golde <nion@???> Thu, 25 Oct 2012 08:43:03 +0000
>
.. and in Ubuntu
http://www.ubuntu.com/usn/usn-1618-1/
e.g.
exim4 (4.71-3ubuntu1.4) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via dns decode logic
- debian/patches/CVE-2012-5671.patch: adjust max length and validate
against it in src/pdkim/pdkim.h, src/dkim.c.
- CVE-2012-5671
-- Marc Deslauriers <marc.deslauriers@???> Thu, 25 Oct 2012 08:48:31 -0400
Cheers,
Al.
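
[Added example, not part of the original thread or of Debian/Ubuntu tooling: a self-contained Python version of dpkg's version ordering, used to flag hosts whose installed exim4 package sorts below the fixed versions quoted above (4.72-6+squeeze3, 4.71-3ubuntu1.4). The host names and installed versions in INVENTORY are constructed sample data; on a live Debian system `dpkg --compare-versions` performs the same comparison.]

```python
import re

# Fixed exim4 package versions quoted in the thread, keyed by release codename.
FIXED = {"squeeze": "4.72-6+squeeze3", "lucid": "4.71-3ubuntu1.4"}
# Constructed sample inventory: host -> (release, installed exim4 version).
INVENTORY = {"mx1": ("squeeze", "4.72-6+squeeze2"), "mx2": ("squeeze", "4.72-6+squeeze3"),
             "web1": ("lucid", "4.71-3ubuntu1.3")}

def _nondigit(s, k):
    # s[k] if it is a non-digit, else "" (digit or end of string)
    return s[k] if k < len(s) and not s[k].isdigit() else ""

def _order(c):
    # dpkg sort weight: "~" < end-of-string < letters < other characters
    if c in ("~", ""):
        return -1 if c == "~" else 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Compare one component by alternating non-digit runs and numeric runs.
    i = j = 0
    while i < len(a) or j < len(b):
        while _nondigit(a, i) or _nondigit(b, j):
            oa, ob = _order(_nondigit(a, i)), _order(_nondigit(b, j))
            if oa != ob:
                return -1 if oa < ob else 1
            i, j = i + 1, j + 1
        na = re.match(r"[0-9]*", a[i:]).group()
        nb = re.match(r"[0-9]*", b[j:]).group()
        if int(na or 0) != int(nb or 0):
            return -1 if int(na or 0) < int(nb or 0) else 1
        i, j = i + len(na), j + len(nb)
    return 0

def _split(v):
    # [epoch:]upstream[-revision]; missing epoch is 0, missing revision is ""
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, rev = rest.rpartition("-")
    return (epoch, upstream, rev) if sep else (epoch, rest, "")

def deb_cmp(a, b):
    # -1, 0 or 1 as version a sorts before, equal to, or after version b.
    parts = (_cmp_part(x, y) for x, y in zip(_split(a), _split(b)))
    return next((r for r in parts if r), 0)

def stale_hosts(inv):
    # Hosts whose installed version sorts before the fixed one for their release.
    return sorted(h for h, (rel, ver) in inv.items() if deb_cmp(ver, FIXED[rel]) < 0)
```
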
Date: Fri, 26 Oct 2012 14:23:03 +0100
From: Andy Bennett <andyjpb@???>
Subject: Re: [bitfolk] Another Exim remote code execution exploit
Hi,
> It's time to check if you need to update Exim:
>
> https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
>
> If you run Debian and Exim—which I know is lots of you—then you do need to.
It seems that people everywhere called Andy Smith are getting security
right:
http://dropsafe.crypticide.com/article/9024
;-)
Regards,
@ndy
--
andyjpb@???
http://www.ashurst.eu.org/
0x7EBA75FF