CVE ID: CVE-2019-15846
Credits: Zerons <sironhide0null@???>, Qualys
Version(s): all versions up to and including 4.92.1
Issue: The SMTP Delivery process in all¹ versions up to and
including Exim 4.92.1 has a Buffer Overflow. In the default
runtime configuration, this is exploitable with crafted Server
Name Indication (SNI) data during a TLS negotiation. In other
configurations, it is exploitable with a crafted client TLS certificate.
Details: doc/doc-txt/cve-2019-15846 in the downloaded source tree
Coordinated Release Date (CRD) for Exim 4.92.2:
2019-09-06 10:00 UTC
Contact: security@???
We released Exim 4.92.2. This is a security update based on 4.92.1.
Mitigation
==========
Do not offer TLS for incomming connections (tls_advertise_hosts).
This mitigation is *not* recommended!
Downloads
=========
Starting at CRD the downloads will be available from the following
sources:
Release tarballs (exim-4.92.2):
https://ftp.exim.org/pub/exim/exim4/
The package files are signed with my GPG key.
The full Git repo:
https://git.exim.org/exim.git
https://github.com/Exim/exim [mirror of the above]
- tag exim-4.92.2
- branch exim-4.92.2+fixes
The tagged commit is the officially released version. The tag is signed
with my GPG key. The +fixes branch isn't officially maintained, but
contains useful patches *and* the security fix. The relevant commit is
signed with my GPG key. The old exim-4.92.1+fixes branch is being functionally
replaced by the new exim-4.92.2+fixes branch.
¹) We've indication, that only versions starting with 4.80 up to and
including 4.92.1 are affected.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
