Re: [exim] The most used Exim version is the vulnerable one

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Heiko Schlittermann
Datum:  
To: exim-users
Betreff: Re: [exim] The most used Exim version is the vulnerable one
Dave Howe via Exim-users <exim-users@???> (Mi 12 Jun 2019 15:12:26 CEST):
> On 12/06/2019 12:01, Gary Stainburn via Exim-users wrote:
> > I have just done a "yum update" on my C7 system and there was no EXIM update included. Hopefully this will be resolved soon.
>
> Was under the impression this was already resolved in 4.92 so provided
> you are on at least that, presumably no further update is needed?
>
> https://centos.pkgs.org/7/epel-x86_64/exim-4.92-1.el7.x86_64.rpm.html
> <-- changelog says 2019-06-04


Yes, in 4.92 this bug was fixed "unintentionally".
So, 4.92 is safe with respect to this CVE.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -