I've just updated the clw server. On 26/10/12, Rory Campbell-Lange ([email protected]) wrote: > This is pretty serious and could easily cause some server hacks. > > Can we upgrade mail servers for just this issue more or less > immediately? Please let me know what the status of the mailscanner > server is. > > Rory > > On 26/10/12, Nico Golde ([email protected]) wrote: > > ------------------------------------------------------------------------- > > Debian Security Advisory DSA-2566-1 [email protected] > > http://www.debian.org/security/ Nico Golde > > October 25, 2012 http://www.debian.org/security/faq > > ------------------------------------------------------------------------- > > > > Package : exim4 > > Vulnerability : heap-based buffer overflow > > Problem type : remote > > Debian-specific: no > > CVE ID : CVE-2012-5671 > > > > It was discovered that Exim, a mail transport agent, is not properly > > handling the decoding of DNS records for DKIM. Specifically, crafted > > records can yield to a heap-based buffer overflow. An attacker can > > exploit this flaw to execute arbitrary code. > > > > For the stable distribution (squeeze), this problem has been fixed in > > version 4.72-6+squeeze3. > > > > For the testing distribution (wheezy), this problem has been fixed in > > version 4.80-5.1. > > > > For the unstable distribution (sid), this problem has been fixed in > > version 4.80-5.1. > > > > > > We recommend that you upgrade your exim4 packages. > > > > Further information about Debian Security Advisories, how to apply > > these updates to your system and frequently asked questions can be > > found at: http://www.debian.org/security/ > > > > Mailing list: [email protected] > > > > > > > > -- > > To UNSUBSCRIBE, email to [email protected] > > with a subject of "unsubscribe". Trouble? Contact > > [email protected] > > Archive: http://lists.debian.org/[email protected] > > > > -- > Rory Campbell-Lange > [email protected] > > Campbell-Lange Workshop > www.campbell-lange.net > 0207 6311 555 > 3 Tottenham Street London W1T 2AF > Registered in England No. 04551928
-- Rory Campbell-Lange [email protected] Campbell-Lange Workshop www.campbell-lange.net 0207 6311 555 3 Tottenham Street London W1T 2AF Registered in England No. 04551928 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
