This update for exim fixes the following issues:
Changes in exim:
specify users with ref:mail, to make them dynamic. (boo#1046971)
CVE-2017-1000369: Fixed memory leaks that could be exploited to "stack
crash" local privilege escalation (boo#1044692)
Require user(mail) group(mail) to meet new users handling in TW.
Prerequire permissions (fixes rpmlint).
conditionally disable DANE on SuSE versions with OpenSSL < 1.0
CVE-2016-1531: when installed setuid root, allows local users to gain
privileges via the perl_startup argument.
CVE-2016-9963: DKIM information leakage (boo#1015930)
Makefile tuning:
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 42.3 | x86_64 | exim-debugsource | < 4.86.2-14.1 | exim-debugsource-4.86.2-14.1.x86_64.rpm |
openSUSE Leap | 42.2 | x86_64 | exim | < 4.86.2-10.6.1 | exim-4.86.2-10.6.1.x86_64.rpm |
openSUSE Leap | 42.3 | x86_64 | eximon-debuginfo | < 4.86.2-14.1 | eximon-debuginfo-4.86.2-14.1.x86_64.rpm |
openSUSE Leap | 42.3 | x86_64 | exim | < 4.86.2-14.1 | exim-4.86.2-14.1.x86_64.rpm |
openSUSE Leap | 42.2 | x86_64 | eximon-debuginfo | < 4.86.2-10.6.1 | eximon-debuginfo-4.86.2-10.6.1.x86_64.rpm |
openSUSE Leap | 42.2 | x86_64 | exim-debugsource | < 4.86.2-10.6.1 | exim-debugsource-4.86.2-10.6.1.x86_64.rpm |
openSUSE Leap | 42.2 | x86_64 | eximon | < 4.86.2-10.6.1 | eximon-4.86.2-10.6.1.x86_64.rpm |
openSUSE Leap | 42.2 | x86_64 | exim-debuginfo | < 4.86.2-10.6.1 | exim-debuginfo-4.86.2-10.6.1.x86_64.rpm |
openSUSE Leap | 42.3 | x86_64 | eximstats-html | < 4.86.2-14.1 | eximstats-html-4.86.2-14.1.x86_64.rpm |
openSUSE Leap | 42.3 | x86_64 | exim-debuginfo | < 4.86.2-14.1 | exim-debuginfo-4.86.2-14.1.x86_64.rpm |