[SECURITY] [DSA-2154-2] exim4 regression fix

Type debian
Reporter Debian
Modified 2011-01-30T22:05:08


Debian Security Advisory DSA-2154-2 security@debian.org http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq

Package : exim4 Vulnerability : privilege escalation / regression Problem type : local CVE Id(s) : CVE-2010-4345 CVE-2011-0017 Debian bug : 611572 Behaviour change : yes

The updated packages from DSA-2154-1 introduced a regression which prevented unprivileged users from using 'exim4 -bf' to test filter configurations. This update fixes this problem.

Please also read the information provided in DSA-2154-1 if you have not done so already.

For the stable distribution (lenny), this problem has been fixed in version 4.69-9+lenny4.

For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org