Author: pi
Date:
To: Bhawna.Kapur@in.fujitsu.com
CC: exim-users@exim.org
Subject: Re: [exim] CVE-2019-15846 ..Exim Vulnerability
On 12 Sep 2019 at 10:25:55 +0000, Bhawna.Kapur--- via Exim-users wrote:
> Hello Team,
>
> We have Debian 7 (Wheezy) in our environment.
>
> PRETTY_NAME="Debian GNU/Linux 7 (wheezy)"
> NAME="Debian GNU/Linux"
> VERSION_ID="7"
> VERSION="7 (wheezy)"
> ID=debian
> ANSI_COLOR="1;31"
> HOME_URL="http://www.debian.org/"
> SUPPORT_URL="http://www.debian.org/support/"
> BUG_REPORT_URL="http://bugs.debian.org/"
>
>
> Exim installed version is:
>
> Exim version 4.80 #3 built 14-Mar-2016 20:04:52
> Copyright (c) University of Cambridge, 1995 - 2012
> (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012
> Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
> Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
> Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Configuration file is /var/lib/exim4/config.autogenerated
>
> Is this version of exim is vulnerable ? What would you recommend?
>
> Please suggest..!!
>
> Thanks and Regards,
> Bhawna Kapur
> Technical Service Engineer - NSS
> FUJITSU CONSULTING INDIA
> Office: (+91) 20-2769-0001 Extn 34124
> Mobile: +91 9871205567
> E-mail:bhawna.kapur@???<mailto:bhawna.kapur@in.fujitsu.com>
http://deb.freexian.com/extended-lts/
-- pi
