26 Oct
2012
26 Oct
'12
12:49 p.m.
It's time to check if you need to update Exim:
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
If you run Debian and Exim—which I know is lots of you—then you do need to.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
26 Oct
26 Oct
12:54 p.m.
Hi,
On Fri, Oct 26, 2012 at 12:49:21PM +0000, Andy Smith wrote:
It's time to check if you need to update Exim:
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
If you run Debian and Exim—which I know is lots of you—then you do need to.
On Debian, package version 4.72-6+squeeze3 has the fix:
exim4 (4.72-6+squeeze3) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2012-5671: Fix heap-based buffer overflow in DKIM handling.
-- Nico Golde <nion(a)debian.org> Thu, 25 Oct 2012 08:43:03 +0000
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
1:02 p.m.
On 26 October 2012 14:54, Andy Smith <andy(a)bitfolk.com> wrote:
Hi,
On Fri, Oct 26, 2012 at 12:49:21PM +0000, Andy Smith wrote:
.. and in Ubuntu http://www.ubuntu.com/usn/usn-1618-1/
e.g.
exim4 (4.71-3ubuntu1.4) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via dns decode logic
- debian/patches/CVE-2012-5671.patch: adjust max length and validate
against it in src/pdkim/pdkim.h, src/dkim.c.
- CVE-2012-5671
-- Marc Deslauriers <marc.deslauriers(a)ubuntu.com> Thu, 25 Oct 2012
08:48:31 -0400
Cheers,
Al.
It's time to check if you need to update
Exim:
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
If you run Debian and Exim—which I know is lots of you—then you do need to.
On Debian, package version 4.72-6+squeeze3 has the fix:
exim4 (4.72-6+squeeze3) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2012-5671: Fix heap-based buffer overflow in DKIM handling.
-- Nico Golde <nion(a)debian.org> Thu, 25 Oct 2012 08:43:03 +0000
1:23 p.m.
Hi,
It's time to check if you need to update Exim:
https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html
If you run Debian and Exim—which I know is lots of you—then you do need to.
It seems that people everywhere called Andy Smith are getting security
right:
http://dropsafe.crypticide.com/article/9024
;-)
Regards,
@ndy
--
andyjpb(a)ashurst.eu.org
http://www.ashurst.eu.org/
0x7EBA75FF
4543
days inactive
4543
days old
3 comments
3 participants
participants (3)
-
Alan Pope -
Andy Bennett -
Andy Smith