Hello,
in case you missed this on one of the other channels:
Heiko Schlittermann <hs@???> (Fr 16 Dez 2016 00:36:45 CET):
…
> Product: Exim
> Versions: 4.69 -> 4.87
> Impact: Possible leak of private information to a remote attacker
> Reference: https://bugs.exim.org/show_bug.cgi?id=1996 (placeholder currently)
> Requester: Heiko Schlittermann <hs@???> (Exim Developer)
> Credits: Bjoern Jacke <bjoern@???>
>
> If several conditions are met, Exim leaks private information to
> a remote attacker.
…
As at least one major distro isn't ready yet, we'll keep our initial schedule
and release the fixed versions on Dec, 25th, 10:00 UTC.
You'll find the versions in the usual places
git://git.exim.org/exim.git Tags exim-4_88, exim-4_87_1
ftp://ftp.exim.org/pub/exim/exim4/ 4.88
ftp://ftp.exim.org/pub/exim/exim4/old/ 4.87.1
If you have older versions running, you should update to at least 4.87.1.
We're sorry for the release date.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
