Hi,
Another serious bug has been found in Exim, which is installed by
default on Debian and some other Linux distributions:
https://seclists.org/oss-sec/2019/q3/253
The impact is remote execution as an unprivileged user, although
it cannot be ruled out that there might be other routes to the same
code running in a privileged context.
If your distribution is still under security support then I expect
they will push out new packages in the next few days.
If not then you will need to upgrade it or rebuild the package. It's
quite a simple fix.
There's been no embargo this time, so attacks could be out in the
wild already.
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce