[exim] Security: GnuTLS remote compromise

Author: Phil Pennock
Date:  
To: exim-users
Subject: [exim] Security: GnuTLS remote compromise
A heads-up for those who use GnuTLS in their Exim: make sure that you
upgrade GnuTLS to deal with this security problem:

<URL:http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0645>

Description: Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by
(1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU
Shishi, allows attackers to crash the DER decoder and possibly execute
arbitrary code via "out-of-bounds access" caused by invalid input, as
demonstrated by the ProtoVer SSL test suite.

What this means: if you run Exim with STARTTLS support on the server
side, then any host which can issue STARTTLS to you can compromise Exim
and run arbitrary code on your system as the user which Exim runs as.

Update libtasn1/GnuTLS and the problem disappears. You probably don't
need to recompile Exim.

If you use pre-built packages, then see the URL above for the vendor
URLs to deal with this issue.

-Phil
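As an added check (not part of Phil's post or of Exim), a small POSIX shell script that compares installed libtasn1 and GnuTLS versions against the fixed versions named in the CVE text above; it reads versions from pkg-config when available and otherwise falls back to constructed sample values. It assumes plain dotted numeric version strings.

```shell
#!/bin/sh
# Added check, not from the original post: test installed (or given) libtasn1 and
# GnuTLS versions against the ranges in CVE-2006-0645 (libtasn1 < 0.2.18,
# GnuTLS 1.2.x < 1.2.10, 1.3.x < 1.3.4). Helpers return 0 = affected, 1 = not.
# Assumes dotted numeric versions; a trailing non-numeric suffix is ignored.

# version_lt A B: succeeds when dotted version A sorts before B, field by field.
version_lt() {
    i=1
    while :; do
        x=$(printf '%s.' "$1" | cut -d. -f"$i"); x=${x%%[!0-9]*}
        y=$(printf '%s.' "$2" | cut -d. -f"$i"); y=${y%%[!0-9]*}
        [ -z "$x" ] && [ -z "$y" ] && return 1    # all fields compared equal
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        i=$((i + 1))
    done
}

libtasn1_affected() { version_lt "$1" 0.2.18; }

gnutls_affected() {
    case "$1" in
        1.2.*) version_lt "$1" 1.2.10 ;;
        1.3.*) version_lt "$1" 1.3.4 ;;
        *)     return 1 ;;    # branch not listed in the advisory
    esac
}

# report NAME VERSION CHECKER: print a one-line verdict.
report() {
    if "$3" "$2"; then echo "$1 $2: in the affected range for CVE-2006-0645, upgrade"
    else echo "$1 $2: not in the affected range"; fi
}

# Query pkg-config when present; otherwise use constructed sample values.
tasn1_ver=$(pkg-config --modversion libtasn1 2>/dev/null) || tasn1_ver=0.2.17
gnutls_ver=$(pkg-config --modversion gnutls 2>/dev/null) || gnutls_ver=1.2.9
report libtasn1 "$tasn1_ver" libtasn1_affected
report GnuTLS   "$gnutls_ver" gnutls_affected
```

Run `exim -bV` first to confirm the build actually links GnuTLS; a build using OpenSSL is not covered by this advisory.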