** Changed in: exim4 (Debian)
Status: Unknown = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
To manage
This bug was fixed in the package exim4 - 4.76-1ubuntu1
---
exim4 (4.76-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes (LP: #779391):
- debian/control: Don't declare a Provides: default-mta; in Ubuntu,
we want postfix to be the default.
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
Ubuntu-server-bugs mailing list
This bug was fixed in the package exim4 - 4.74-1ubuntu1.1
---
exim4 (4.74-1ubuntu1.1) natty-security; urgency=low
* SECURITY UPDATE: format string vulnerability (LP: #779391)
- debian/patches/85_CVE-2011-1764.patch: patch from upstream
- CVE-2011-1764
-- Felix Geyer
This bug was fixed in the package exim4 - 4.72-1ubuntu1.2
---
exim4 (4.72-1ubuntu1.2) maverick-security; urgency=low
* SECURITY UPDATE: format string vulnerability (LP: #779391)
- debian/patches/85_CVE-2011-1764.patch: patch from upstream
- CVE-2011-1764
-- Kees Cook
This bug was fixed in the package exim4 - 4.71-3ubuntu1.2
---
exim4 (4.71-3ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: format string vulnerability (LP: #779391)
- debian/patches/85_CVE-2011-1764.patch: patch from upstream
- CVE-2011-1764
-- Felix Geyer
** Branch linked: lp:ubuntu/maverick-security/exim4
** Branch linked: lp:ubuntu/natty-security/exim4
** Branch linked: lp:ubuntu/lucid-security/exim4
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
AAaargh. Who reimplements sprintf!? I am working on hardy and dapper
now. Will have this uploaded shortly. Thanks for double-checking and
getting the Lucid and Oneiric patches ready!
At least full ASLR (PIE[1]) is in place in Lucid and later, so
exploiting this is difficult, but not impossible.
Er, nevermind, DKIM was added after Hardy.
** Also affects: exim4 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: exim4 (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: exim4 (Ubuntu Natty)
Importance: Undecided
Status: New
**
** Bug watch added: Debian Bug tracker #624670
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670
** Also affects: exim4 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670
Importance: Unknown
Status: Unknown
** Bug watch added: bugs.exim.org/ #1106
** Changed in: exim4 (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
** Changed in: exim
Status: Unknown = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
Affects lucid - oneiric (exim4 = 4.70).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
Ubuntu-server-bugs mailing list
Fix for oneiric by merging 4.75-3 from Debian.
** Patch added: exim4_4.75-3ubuntu1.debdiff
https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/+attachment/2119702/+files/exim4_4.75-3ubuntu1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team,
debdiff for lucid
** Patch added: exim4_4.71-3ubuntu1.2.debdiff
https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/779391/+attachment/2119726/+files/exim4_4.71-3ubuntu1.2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
15 matches
Mail list logo