1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA-2154-2] exim4 regression fix

    From Stefan Fritsch@1:229/2 to All on Sun Jan 30 23:10:02 2011
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------ Debian Security Advisory DSA-2154-2 [email protected] http://www.debian.org/security/ Stefan Fritsch January 30, 2011 http://www.debian.org/security/faq
    - ------------------------------------------------------------------------

    Package : exim4
    Vulnerability : privilege escalation / regression
    Problem type : local
    CVE Id(s) : CVE-2010-4345 CVE-2011-0017
    Debian bug : 611572
    Behaviour change : yes

    The updated packages from DSA-2154-1 introduced a regression which
    prevented unprivileged users from using 'exim4 -bf' to test filter configurations. This update fixes this problem.

    Please also read the information provided in DSA-2154-1 if you have
    not done so already.

    For the stable distribution (lenny), this problem has been fixed in
    version 4.69-9+lenny4.

    For the testing distribution (squeeze) and the unstable distribution
    (sid), this problem will be fixed soon.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iD8DBQFNRd8Tbxelr8HyTqQRAo1jAJwIKvN6wJcNQMCS8TdTD9/rSrVjbwCeKCG6 dpsHKoU001vpAedZse3H9JM=
    =RjQY
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)