Lucene search
SuseOPENSUSE-SU-2017:2289-1HistoryAug 29, 2017 - 6:39 p.m.
Security update for exim (important)
2017-08-2918:39:29
lists.opensuse.org
64
0.004 Low
EPSS
Percentile
70.6%
This update for exim fixes the following issues:
Changes in exim:
-
specify users with ref:mail, to make them dynamic. (boo#1046971)
-
CVE-2017-1000369: Fixed memory leaks that could be exploited to "stack
crash" local privilege escalation (boo#1044692) -
Require user(mail) group(mail) to meet new users handling in TW.
-
Prerequire permissions (fixes rpmlint).
-
conditionally disable DANE on SuSE versions with OpenSSL < 1.0
-
CVE-2016-1531: when installed setuid root, allows local users to gain
privileges via the perl_startup argument. -
CVE-2016-9963: DKIM information leakage (boo#1015930)
-
Makefile tuning:
- add sqlite support
- disable WITH_OLD_DEMIME
- enable AUTH_CYRUS_SASL
- enable AUTH_TLS
- enable SYSLOG_LONG_LINES
- enable SUPPORT_PAM
- MAX_NAMED_LIST=64
- enable EXPERIMENTAL_DMARC
- enable EXPERIMENTAL_EVENT
- enable EXPERIMENTAL_PROXY
- enable EXPERIMENTAL_CERTNAMES
- enable EXPERIMENTAL_DSN
- enable EXPERIMENTAL_DANE
- enable EXPERIMENTAL_SOCKS
- enable EXPERIMENTAL_INTERNATIONAL
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | x86_64 | exim-debugsource | < 4.86.2-14.1 | exim-debugsource-4.86.2-14.1.x86_64.rpm |
| openSUSE Leap | 42.2 | x86_64 | exim | < 4.86.2-10.6.1 | exim-4.86.2-10.6.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | eximon-debuginfo | < 4.86.2-14.1 | eximon-debuginfo-4.86.2-14.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | exim | < 4.86.2-14.1 | exim-4.86.2-14.1.x86_64.rpm |
| openSUSE Leap | 42.2 | x86_64 | eximon-debuginfo | < 4.86.2-10.6.1 | eximon-debuginfo-4.86.2-10.6.1.x86_64.rpm |
| openSUSE Leap | 42.2 | x86_64 | exim-debugsource | < 4.86.2-10.6.1 | exim-debugsource-4.86.2-10.6.1.x86_64.rpm |
| openSUSE Leap | 42.2 | x86_64 | eximon | < 4.86.2-10.6.1 | eximon-4.86.2-10.6.1.x86_64.rpm |
| openSUSE Leap | 42.2 | x86_64 | exim-debuginfo | < 4.86.2-10.6.1 | exim-debuginfo-4.86.2-10.6.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | eximstats-html | < 4.86.2-14.1 | eximstats-html-4.86.2-14.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | exim-debuginfo | < 4.86.2-14.1 | exim-debuginfo-4.86.2-14.1.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : exim (openSUSE-2017-980) (Stack Clash)
2017-08-30 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Exim vulnerability (USN-3164-1)
2017-01-06 00:00:00
Debian DSA-3747-1 : exim4 - security update
2016-12-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for exim (openSUSE-SU-2017:2289-1)
2017-08-30 00:00:00
Debian Security Advisory DSA 3747-1 (exim4 - security update)
2016-12-25 00:00:00
Debian: Security Advisory (DSA-3747-1)
2016-12-24 00:00:00
cve
cve
prion
prion
Code injection
2017-02-01 15:59:00
Design/Logic Flaw
2017-06-19 16:29:00
Code injection
2016-04-07 23:59:00
debian
debian
[SECURITY] [DSA 3747-1] exim4 security update
2016-12-25 10:08:23
[SECURITY] [DSA 3747-1] exim4 security update
2016-12-25 10:08:23
[SECURITY] [DLA 762-1] exim4 security update
2016-12-25 10:59:29
ubuntucve
ubuntucve
debiancve
debiancve
fedora
fedora
[SECURITY] Fedora 26 Update: exim-4.89-5.fc26
2017-08-31 15:03:35
[SECURITY] Fedora 22 Update: exim-4.85.2-1.fc22
2016-03-13 09:53:45
[SECURITY] Fedora 23 Update: exim-4.86.2-1.fc23
2016-03-12 11:53:03
suse
suse
Security update for exim (important)
2017-06-20 15:10:52
Security update for exim (important)
2016-03-11 14:16:09
Security update for exim (critical)
2021-05-20 00:00:00
alpinelinux
alpinelinux
CVE-2017-1000369
2017-06-19 16:29:00
redhatcve
redhatcve
CVE-2016-9963
2016-12-16 08:47:23
CVE-2017-1000369
2017-06-21 08:50:36
freebsd
freebsd
exim -- DKIM private key leak
2016-12-15 00:00:00
exim -- Privilege escalation via multiple memory leaks
2017-06-19 00:00:00
exim -- local privillege escalation
2016-02-26 00:00:00
osv
osv
CVE-2016-9963
2017-02-01 15:59:00
CVE-2017-1000369
2017-06-19 16:29:00
exim4 - security update
2017-06-19 00:00:00
amazon
amazon
Medium: exim
2017-03-06 14:00:00
ubuntu
ubuntu
Exim vulnerability
2017-01-05 00:00:00
Exim vulnerability
2017-06-19 00:00:00
Exim vulnerabilities
2016-03-15 00:00:00
gentoo
gentoo
Exim: Local privilege escalation
2017-09-24 00:00:00
packetstorm
packetstorm
Exim Local Privilege Escalation
2016-03-10 00:00:00
Exim 4.84-3 Local Root / Privilege Escalation
2016-03-08 00:00:00
Exim perl_startup Privilege Escalation
2016-04-14 00:00:00
metasploit
metasploit
Exim "perl_startup" Privilege Escalation
2016-04-13 22:51:20
zdt
zdt
Exim 4.84-3 - Privilege Escalation
2016-03-09 00:00:00
Exim - 'perl_startup' Privilege Escalation (Metasploit)
2016-04-15 00:00:00
Exim < 4.86.2 - Privilege Escalation
2016-03-10 00:00:00
archlinux
archlinux
exim: privilege escalation
2016-03-10 00:00:00
[ASA-201711-32] exim: multiple issues
2017-11-30 00:00:00
exploitpack
exploitpack
Exim 4.84-3 - Local Privilege Escalation
2016-03-09 00:00:00
Exim 4.86.2 - Local Privilege Escalation
2016-03-10 00:00:00
exploitdb
exploitdb
Exim 4.84-3 - Local Privilege Escalation
2016-03-09 00:00:00
Exim - 'perl_startup' Local Privilege Escalation (Metasploit)
2016-04-15 00:00:00
Exim < 4.86.2 - Local Privilege Escalation
2016-03-10 00:00:00
myhack58
myhack58