1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3517-1] exim4 security update

    From Salvatore Bonaccorso@1:229/2 to All on Mon Mar 14 06:50:02 2016
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3517-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso
    March 14, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : exim4
    CVE ID : CVE-2016-1531

    A local root privilege escalation vulnerability was found in Exim,
    Debian's default mail transfer agent, in configurations using the 'perl_startup' option (Only Exim via exim4-daemon-heavy enables Perl
    support).

    To address the vulnerability, updated Exim versions clean the complete execution environment by default, affecting Exim and subprocesses such
    as transports calling other programs, and thus may break existing installations. New configuration options (keep_environment,
    add_environment) were introduced to adjust this behavior.

    More information can be found in the upstream advisory at https://www.exim.org/static/doc/CVE-2016-1531.txt

    For the oldstable distribution (wheezy), this problem has been fixed
    in version 4.80-7+deb7u2.

    For the stable distribution (jessie), this problem has been fixed in
    version 4.84.2-1.

    For the testing distribution (stretch), this problem has been fixed
    in version 4.86.2-1.

    For the unstable distribution (sid), this problem has been fixed in
    version 4.86.2-1.

    We recommend that you upgrade your exim4 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJW5lBzAAoJEAVMuPMTQ89EGnwP/011ZNUNFZrPmxVlvdkbO7cr duDxC9y5n0n0rsExDP4dKoeclsc+dCBRJn9IZzDjeBZ+ZVbzhYzji95NBx/RjoWO 3DvByrQJgeYN5KLu/hLcRslAMTjGrL4IwdQ4TVCiYip/GyyxmzoA0d2r6pkbSr5u jFn79Yofc9AqPFJqrgZquY6wQl16oYHcqZsaUGE6SgRa9XnJYi3PYksG/JB8+mni ImJggYTwjuX+uJSQEvDS6vKmEZ9k3+sTlTtn2Zu+wVOx/UZwK5Eg2Ec1fiI45yoQ FEzzbEzuFHKkL+fHjHFjRlmzZ0W4C7wVmcV3eFqynXXpkbu/LKf6zpY9Cixq/DMs WhNc4/Tie4u0ygdWWcvLpXnZt+KlQzw6RBm+XT//ajgdakKUgyeHu8PMqTR9I1M4 GbzEqDAfU+g5uQWed97OdJ+OJxkYYlt4IY/cLg/aYvDhJZsNxRy8OID/mmP0/Gv2 o8suOcReCJKVq1P+wZ+gU+zQGTyO1I3ATTVoN5teAVd63JpJKMofAvjRiDdIsDqo +d9JnSwhZQhkQSoQN2EMHY/zzb+yFMfat5Rw6NmxIpBB3NIgNdL9zg08Yn4QsHyl XMXPUOkuq4YjjmYDi87ZmVTryXXJYh209mKd2pY45n1SCCU4NOqnSrrtK6O1VNgd Mky4/TT5s19NLEoGLxwI
    =WpbR
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)