Your message dated Sat, 02 Dec 2017 19:32:22 +0000
with message-id <[email protected]>
and subject line Bug#882671: fixed in exim4 4.89-2+deb9u2
has caused the Debian Bug report #882671,
regarding exim4: CVE-2017-16944: handles BDAT data incorrectly and leads to
crash
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
882671: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: exim4
Version: 4.89-1
Severity: grave
Tags: security upstream
Forwarded: https://bugs.exim.org/show_bug.cgi?id=2201
Hi
Filling as well the second issue in the Debian BTS to have a Debian
BTS reference, related to
https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
and #882648.
Upstream report: https://bugs.exim.org/show_bug.cgi?id=2201
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: exim4
Source-Version: 4.89-2+deb9u2
We believe that the bug you reported is fixed in the latest version of
exim4, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated exim4 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 28 Nov 2017 22:58:00 +0100
Source: exim4
Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy
eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-dev
Architecture: source
Version: 4.89-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Exim4 Maintainers <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 882648 882671
Description:
exim4 - metapackage to ease Exim MTA (v4) installation
exim4-base - support files for all Exim MTA (v4) packages
exim4-config - configuration for the Exim MTA (v4)
exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including
exiscan-ac
exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA "heavy" daemon
exim4-daemon-light - lightweight Exim MTA (v4) daemon
exim4-daemon-light-dbg - debugging symbols for the Exim MTA "light" daemon
exim4-dbg - debugging symbols for the Exim MTA (utilities)
exim4-dev - header files for the Exim MTA (v4) packages
eximon4 - monitor application for the Exim MTA (v4) (X11 interface)
Changes:
exim4 (4.89-2+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Avoid release of store if there have been later allocations
(CVE-2017-16943) (Closes: #882648)
* Chunking: do not treat the first lonely dot special (CVE-2017-16944)
(Closes: #882671)
Checksums-Sha1:
204634dbf28f510e00fb56926801fd81b64317c1 2973 exim4_4.89-2+deb9u2.dsc
a2acd71e491f5f7329bad6ed99a9f19af2b8195f 449560
exim4_4.89-2+deb9u2.debian.tar.xz
Checksums-Sha256:
2b6bcf331020f22936fb5f77f874b6a4b8bb972a69662be75b9ce0e5a9b004b6 2973
exim4_4.89-2+deb9u2.dsc
4807209496800f2ff4e1106ba96b8d4ea62915c018ec449eb02f909023d351c1 449560
exim4_4.89-2+deb9u2.debian.tar.xz
Files:
6cfac34055291c55d36d46301fadc259 2973 mail standard exim4_4.89-2+deb9u2.dsc
c66cd7c11e08e0cd22899110ed62eb94 449560 mail standard
exim4_4.89-2+deb9u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlod3VdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EOaEP/0BMk1ORcxvy1GdzcnEkTpeVqmlEzFRu
4+3LP295RquXN8EfstrSeK9++gO+BEVR7RyO9ATBWrLpYs7+ltJPDkF8lccCZpHu
FFj9yLgpG0n8trCuZXvzeNiMI5v80OSOkAz+EBhufG9LytPweapUVO/NtgOF8T+8
lJx0OqBwciVNQnV5ZftSGWG3L4GRkziLASEf1h4dLILjCgWvNfWyA+dIJWHjKLgS
EYtJ8UwwpUnofhcDhLfT3rReGoVZ7o0xr60QkDIRQtJ8F/ZC+FQVjisQ19mBlUvm
XpxwPJz3Rr5dIaJZrlV0wk5F41Mwvan8sCaysmBnf6OxB6UvlK3dXvSv3pZ57vw6
TJogs/9XGbn7pex0/ET7AmmAIIT01XkakaVuJ1usLb4u7OyoK7qgik/+fvgFnUlC
yEvv8IDQPWiAXFF/qITMXgAwrHk+033/V/JTN2FnDrnzf+HpXnT0n6xP4jOl7l23
vg0MDmQPPlkRccN3ZOqWAt4UnM2xhVaaYacL0P6KMr7Egxw4QBwbY38pfPajDh1e
Zp6mnYLVcnJ17O2NWIAU92nnRIHoRrvPdnOxiBGcIYeLXHePfFIWlc7k3Xe5t4JC
vX5jqmllHAPTLldNL8xLA0H++r5BKIrUDg+GIgv4+l3u7YHcXnE4yIfQEvD/qTnT
9k4+pghzboqr
=G9Rh
-----END PGP SIGNATURE-----
--- End Message ---
