[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-05-26 Thread Jamie Strandboge
This was fixed some time ago in http://www.ubuntu.com/usn/usn-1060-1/.

** Changed in: exim4 (Ubuntu Dapper)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/708023

Title:
  exim 4.74 released fixes CVE-2011-0017

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs


[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-13 Thread Launchpad Bug Tracker
** Branch linked: lp:ubuntu/hardy-security/exim4

** Branch linked: lp:ubuntu/dapper-updates/exim4

** Branch linked: lp:ubuntu/exim4

** Branch linked: lp:ubuntu/lucid-security/exim4

** Branch linked: lp:ubuntu/maverick-updates/exim4

** Branch linked: lp:ubuntu/karmic-security/exim4



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-10 Thread Launchpad Bug Tracker
This bug was fixed in the package exim4 - 4.69-2ubuntu0.3

---
exim4 (4.69-2ubuntu0.3) hardy-security; urgency=low

  * SECURITY UPDATE: local privilege escalation via alternate config file
(LP: #697934)
- debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
  altering changes from upstream git to fix issue.
- debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
  changes.
- debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
  in utility scripts. This would not work with ALT_CONFIG_PREFIX.
  Patch obtained from Debian's 4.69-9+lenny2.
- Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
  exim will not regain root privileges (usually necessary for local
  delivery) if the -D option was used. Macro identifiers listed in
  WHITELIST_D_MACROS are exempted from this restriction. mailscanner
  (4.79.11-2.2) uses -DOUTGOING.
- Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
  security update, exim will not re-gain root privileges (usually
  necessary for local delivery) if the -C option was used. This makes
  it impossible to start a fully functional daemon with an alternate
  configuration file. /etc/exim4/trusted_configs (can) contain a list
  of filenames (one per line, full path given) to which this
  restriction does not apply.
- debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
  Debian and Andreas Metzler for the text.
- CVE-2010-4345
  * SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
- debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
  codes in src/exim.c, src/log.c.
- CVE-2011-0017
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via hard link to another user's file (LP: #609620)
- debian/patches/CVE-2010-2023.dpatch: check for links in
  src/transports/appendfile.c.
- CVE-2010-2023
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via symlink on a lock file (LP: #609620)
- debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
  src/exim_lock.c, src/transports/appendfile.c.
- CVE-2010-2024
  * debian/rules: disable debconf-updatepo so the security update doesn't
alter translations.
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Tue, 08 Feb 2011 15:19:27 -0500

** Changed in: exim4 (Ubuntu Hardy)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2023

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2024

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-4345

** Changed in: exim4 (Ubuntu Lucid)
   Status: Confirmed => Fix Released


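The TRUSTED_CONFIG_LIST entry in the changelog above describes the mechanism only briefly: a setuid mailer started with -C keeps root only when the alternate configuration file appears, as a full path, one per line, in /etc/exim4/trusted_configs. The C program below is an added illustration of that check and is not exim's implementation. The ownership and mode checks on the list file, the list_owner parameter (so the demo can run unprivileged), the exact-match and absolute-path rules, and the sample file names are this example's own assumptions.

```c
/*
 * Added example: deciding whether an alternate config file given on the
 * command line is on a trusted list. Not exim's code; list_owner and the
 * ownership/mode rules below are this example's assumptions.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if config_path is listed verbatim in list_path, 0 if it is
 * not, and -1 if the list itself cannot be trusted (missing, not a
 * regular file, wrong owner, or writable by group/others: anyone who can
 * edit the list could add their own config and regain root through it). */
int config_is_trusted(const char *list_path, const char *config_path, uid_t list_owner)
{
    FILE *fp = fopen(list_path, "r");
    if (fp == NULL) return -1;

    struct stat st;
    if (fstat(fileno(fp), &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != list_owner || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
        fclose(fp);
        return -1;
    }

    /* Only absolute paths are meaningful: a relative -C argument resolves
     * against the caller's cwd, which the list cannot vouch for. */
    if (config_path[0] != '/') { fclose(fp); return 0; }

    char line[4096];
    int found = 0;
    while (fgets(line, sizeof line, fp) != NULL) {
        size_t n = strlen(line);
        if (n == 0) continue;
        if (line[n - 1] != '\n' && !feof(fp)) {
            /* Entry longer than the buffer: discard the rest of that line. */
            int c;
            while ((c = fgetc(fp)) != EOF && c != '\n') ;
            continue;
        }
        while (n > 0 && (line[n - 1] == '\n' || line[n - 1] == '\r')) line[--n] = '\0';
        if (n == 0) continue;                                  /* blank line */
        if (strcmp(line, config_path) == 0) { found = 1; break; } /* exact match only */
    }
    fclose(fp);
    return found;
}

/* Helper for the demo and tests: writes a list file with mode 0600 so it
 * passes the group/world-writable check above. Returns 0 on success. */
int write_trusted_list(const char *path, const char *contents)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    size_t len = strlen(contents);
    ssize_t w = write(fd, contents, len);
    if (fchmod(fd, 0600) != 0 || w < 0 || (size_t)w != len) { close(fd); return -1; }
    return close(fd);
}

int main(void)
{
    /* Constructed sample list; the paths are illustrative, not from the page. */
    const char *list = "/tmp/trusted_configs.demo";
    if (write_trusted_list(list,
            "/etc/exim4/exim4.conf.relay\n\n/etc/exim4/exim4.conf.test\n") != 0)
        return 1;
    printf("listed path:   %d\n", config_is_trusted(list, "/etc/exim4/exim4.conf.relay", getuid()));
    printf("unknown path:  %d\n", config_is_trusted(list, "/tmp/evil.conf", getuid()));
    printf("relative path: %d\n", config_is_trusted(list, "exim4.conf.relay", getuid()));
    unlink(list);
    return 0;
}
```

The -1 result is deliberately distinct from 0: a caller should treat an unusable list as "nothing is trusted" and drop root, rather than fall back to the old behaviour.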

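The CVE-2011-0017 entry in the changelog above states only that the fix checks the setuid and setgid return codes in src/exim.c and src/log.c. The C program below is an added illustration of that bug class and of the fixed pattern; it is not exim's code. It assumes Linux semantics: setuid((uid_t)-1) is rejected with EINVAL whether or not the caller is root, and O_NOFOLLOW makes open() fail with ELOOP when the last path component is a symlink. The O_NOFOLLOW log-open hardening and the /tmp demo paths are this example's own additions, not something the changelog describes.

```c
/*
 * Added example of the bug class behind CVE-2011-0017: a setuid program
 * drops privileges without checking the result, then appends to a log
 * file. Not exim's code; O_NOFOLLOW and the /tmp paths are this
 * example's own choices.
 */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Vulnerable pattern: return values ignored. If setuid() fails, for
 * example with EAGAIN because the target uid is already at its
 * RLIMIT_NPROC, the program silently carries on with its old
 * credentials (root, for a setuid-root binary) and every later file
 * write happens as root. */
void drop_privileges_unchecked(uid_t uid, gid_t gid)
{
    (void)setgid(gid);
    (void)setuid(uid);
}

/* Fixed pattern: each call is checked and the resulting ids are re-read,
 * so a failed drop is reported before any file is opened. Returns 0 on
 * success, -1 with errno set on failure. */
int drop_privileges_checked(uid_t uid, gid_t gid)
{
    if (setgid(gid) != 0) return -1;          /* errno set by setgid() */
    if (setuid(uid) != 0) return -1;          /* errno set by setuid() */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid) {
        errno = EPERM;                        /* calls "succeeded" but ids are wrong */
        return -1;
    }
    return 0;
}

/* Open a log file for appending without following a symlink in the final
 * path component, so a link planted by a local user is refused (ELOOP). */
int open_log_append(const char *path)
{
    return open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0640);
}

/* Self-check of the symlink refusal: builds a symlink in a fresh
 * temporary directory (constructed for the demo) and confirms that
 * open_log_append() rejects it but accepts the real file. Returns 1 on
 * the expected behaviour, 0 otherwise. */
int symlink_is_refused(void)
{
    char dir[] = "/tmp/nofollow-demo.XXXXXX";
    char target[64], link[64];
    int fd, ok = 0;

    if (mkdtemp(dir) == NULL) return 0;
    snprintf(target, sizeof target, "%s/real.log", dir);
    snprintf(link, sizeof link, "%s/planted", dir);
    if (symlink(target, link) != 0) goto out;

    fd = open_log_append(link);               /* must fail with ELOOP */
    if (fd < 0 && errno == ELOOP) {
        int real = open_log_append(target);   /* plain path is accepted */
        if (real >= 0) { ok = 1; close(real); }
    } else if (fd >= 0) {
        close(fd);
    }
    unlink(link);
    unlink(target);
out:
    rmdir(dir);
    return ok;
}

int main(void)
{
    /* (uid_t)-1 is never a valid target, so the checked drop must fail. */
    if (drop_privileges_checked((uid_t)-1, getgid()) == 0) return 1;
    printf("bogus target refused: %s\n", strerror(errno));
    /* Dropping to our own ids always succeeds (it is a no-op). */
    if (drop_privileges_checked(getuid(), getgid()) != 0) return 1;
    printf("symlink refused: %d\n", symlink_is_refused());
    return 0;
}
```

The two halves address different things: checking the return codes is the actual fix for this CVE, while O_NOFOLLOW only limits what a forged log path can reach if some other privilege bug slips through.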
[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-10 Thread Launchpad Bug Tracker
This bug was fixed in the package exim4 - 4.71-3ubuntu1.1

---
exim4 (4.71-3ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: local privilege escalation via alternate config file
(LP: #697934)
- debian/patches/80_CVE-2010-4345.patch: backport massive behaviour-
  altering changes from upstream git to fix issue.
- debian/patches/81_CVE-2010-4345-docs.patch: backport documentation
  changes.
- debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
  in utility scripts. This would not work with ALT_CONFIG_PREFIX.
  Patch obtained from Debian's 4.69-9+lenny2.
- Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
  exim will not regain root privileges (usually necessary for local
  delivery) if the -D option was used. Macro identifiers listed in
  WHITELIST_D_MACROS are exempted from this restriction. mailscanner
  (4.79.11-2.2) uses -DOUTGOING.
- Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
  security update, exim will not re-gain root privileges (usually
  necessary for local delivery) if the -C option was used. This makes
  it impossible to start a fully functional daemon with an alternate
  configuration file. /etc/exim4/trusted_configs (can) contain a list
  of filenames (one per line, full path given) to which this
  restriction does not apply.
- debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
  Debian and Andreas Metzler for the text.
- CVE-2010-4345
  * SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
- debian/patches/82_CVE-2011-0017.patch: check setuid and setgid return
  codes in src/exim.c, src/log.c.
- CVE-2011-0017
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via hard link to another user's file (LP: #609620)
- debian/patches/CVE-2010-2023.patch: check for links in
  src/transports/appendfile.c.
- CVE-2010-2023
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via symlink on a lock file (LP: #609620)
- debian/patches/CVE-2010-2024.patch: improve lock file handling in
  src/exim_lock.c, src/transports/appendfile.c.
- CVE-2010-2024
  * debian/rules: disable debconf-updatepo so the security update doesn't
alter translations.
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Tue, 08 Feb 2011 11:31:29 -0500

** Changed in: exim4 (Ubuntu Maverick)
   Status: Confirmed => Fix Released



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-10 Thread Launchpad Bug Tracker
This bug was fixed in the package exim4 - 4.72-1ubuntu1.1

---
exim4 (4.72-1ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: local privilege escalation via alternate config file
(LP: #697934)
- debian/patches/80_CVE-2010-4345.patch: backport massive behaviour-
  altering changes from upstream git to fix issue.
- debian/patches/81_CVE-2010-4345-docs.patch: backport documentation
  changes.
- debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
  in utility scripts. This would not work with ALT_CONFIG_PREFIX.
  Patch obtained from Debian's 4.69-9+lenny2.
- Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
  exim will not regain root privileges (usually necessary for local
  delivery) if the -D option was used. Macro identifiers listed in
  WHITELIST_D_MACROS are exempted from this restriction. mailscanner
  (4.79.11-2.2) uses -DOUTGOING.
- Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
  security update, exim will not re-gain root privileges (usually
  necessary for local delivery) if the -C option was used. This makes
  it impossible to start a fully functional daemon with an alternate
  configuration file. /etc/exim4/trusted_configs (can) contain a list
  of filenames (one per line, full path given) to which this
  restriction does not apply.
- debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
  Debian and Andreas Metzler for the text.
- CVE-2010-4345
  * SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
- debian/patches/82_CVE-2011-0017.patch: check setuid and setgid return
  codes in src/exim.c, src/log.c.
- CVE-2011-0017
  * debian/rules: disable debconf-updatepo so the security update doesn't
alter translations.
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Tue, 08 Feb 2011 09:46:29 -0500

** Changed in: exim4 (Ubuntu Karmic)
   Status: Confirmed => Fix Released



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-10 Thread Launchpad Bug Tracker
This bug was fixed in the package exim4 - 4.69-11ubuntu4.2

---
exim4 (4.69-11ubuntu4.2) karmic-security; urgency=low

  * SECURITY UPDATE: local privilege escalation via alternate config file
(LP: #697934)
- debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
  altering changes from upstream git to fix issue.
- debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
  changes.
- debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
  in utility scripts. This would not work with ALT_CONFIG_PREFIX.
  Patch obtained from Debian's 4.69-9+lenny2.
- Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
  exim will not regain root privileges (usually necessary for local
  delivery) if the -D option was used. Macro identifiers listed in
  WHITELIST_D_MACROS are exempted from this restriction. mailscanner
  (4.79.11-2.2) uses -DOUTGOING.
- Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
  security update, exim will not re-gain root privileges (usually
  necessary for local delivery) if the -C option was used. This makes
  it impossible to start a fully functional daemon with an alternate
  configuration file. /etc/exim4/trusted_configs (can) contain a list
  of filenames (one per line, full path given) to which this
  restriction does not apply.
- debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
  Debian and Andreas Metzler for the text.
- CVE-2010-4345
  * SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
- debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
  codes in src/exim.c, src/log.c.
- CVE-2011-0017
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via hard link to another user's file (LP: #609620)
- debian/patches/CVE-2010-2023.dpatch: check for links in
  src/transports/appendfile.c.
- CVE-2010-2023
  * SECURITY UPDATE: denial of service and possible arbitrary code
execution via symlink on a lock file (LP: #609620)
- debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
  src/exim_lock.c, src/transports/appendfile.c.
- CVE-2010-2024
  * debian/rules: disable debconf-updatepo so the security update doesn't
alter translations.
 -- Marc Deslauriers marc.deslauri...@ubuntu.com   Tue, 08 Feb 2011 13:41:17 -0500



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-09 Thread Launchpad Bug Tracker
This bug was fixed in the package exim4 - 4.74-1ubuntu1

---
exim4 (4.74-1ubuntu1) natty; urgency=low

  * Merge from debian experimental.  Remaining changes: (LP: #713855)
- debian/patches/71_exiq_grep_error_on_messages_without_size.patch:
  + Improve handling of broken messages when exim4 -bp (mailq)
reports lines without size info. (Closes: #528625)
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
  we want postfix to be the default.
- debian/{control,rules}: Add and enable hardened build for PIE.
  (Closes: #542726)
  * Update 71_exiq_grep_error_on_messages_without_size.patch to match the
    way upstream has fixed it. It can probably be dropped with the next
    upstream release.
  * This upload fixes CVE: (LP: #708023)
- CVE-2011-0017

exim4 (4.74-1) experimental; urgency=low

  * 4.74 release, should build on hurd again.
  * Fix some lintian --pedantic issues: copyright-refers-to-symlink-license
maintainer-script-without-set-e debian-control-has-unusual-field-spacing

exim4 (4.74~rc2-1) experimental; urgency=low

  * In spf example use spf-tools-perl's spfquery instead of the one from
libmail-spf-query-perl. Do not try to use unimplemented best-guess
support. Update Suggests accordingly. Closes: #608336
  * Add headers in ACL by using the add_header modifier instead of message.
(This modifier has been available since 4.61.) Closes: #609308
  * New upstream version.
+ includes the fix for CVE-2011-0017
+ If a non-debug daemon was invoked with a non-whitelisted macro, then
  logs from after attempting delivery would be silently lost, including
  for successful delivery.  This log-loss bug was introduced in 4.73
  as part of the security lockdown. Closes: #610611
+ Update some patches.
 -- Artur Rona ari-tc...@ubuntu.com   Wed, 09 Feb 2011 21:31:35 +0100

** Changed in: exim4 (Ubuntu Natty)
   Status: Confirmed => Fix Released



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-07 Thread Marc Deslauriers
** Also affects: exim4 (Ubuntu Hardy)
   Importance: Undecided
   Status: New

** Also affects: exim4 (Ubuntu Dapper)
   Importance: Undecided
   Status: New

** Also affects: exim4 (Ubuntu Lucid)
   Importance: Undecided
   Status: New

** Also affects: exim4 (Ubuntu Natty)
   Importance: Medium
 Assignee: Artur Rona (ari-tczew)
   Status: Confirmed

** Also affects: exim4 (Ubuntu Maverick)
   Importance: Undecided
   Status: New

** Also affects: exim4 (Ubuntu Karmic)
   Importance: Undecided
   Status: New

** Changed in: exim4 (Ubuntu Dapper)
   Status: New => Confirmed

** Changed in: exim4 (Ubuntu Dapper)
   Importance: Undecided => Medium

** Changed in: exim4 (Ubuntu Dapper)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: exim4 (Ubuntu Hardy)
   Status: New => Confirmed

** Changed in: exim4 (Ubuntu Karmic)
   Importance: Undecided => Medium

** Changed in: exim4 (Ubuntu Karmic)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: exim4 (Ubuntu Lucid)
   Status: New => Confirmed

** Changed in: exim4 (Ubuntu Maverick)
   Status: New => Confirmed

** Changed in: exim4 (Ubuntu Maverick)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: exim4 (Ubuntu Lucid)
   Importance: Undecided => Medium

** Changed in: exim4 (Ubuntu Maverick)
   Importance: Undecided => Medium

** Changed in: exim4 (Ubuntu Karmic)
   Status: New => Confirmed

** Changed in: exim4 (Ubuntu Hardy)
   Importance: Undecided => Medium

** Changed in: exim4 (Ubuntu Hardy)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: exim4 (Ubuntu Lucid)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)



[Bug 708023] Re: exim 4.74 released fixes CVE-2011-0017

2011-02-05 Thread Artur Rona
** Changed in: exim4 (Ubuntu)
 Assignee: (unassigned) => Artur Rona (ari-tczew)
