Re: [exim] CVE-2019-15846 ..Exim Vulnerability

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jan Ingvoldstad
Date:  
À: exim users
Sujet: Re: [exim] CVE-2019-15846 ..Exim Vulnerability
On Sat, Sep 14, 2019 at 2:01 AM Jasen Betts via Exim-users <
exim-users@???> wrote:

> On 2019-09-13, Jan Ingvoldstad via Exim-users <exim-users@???> wrote:
> > From the Wheezy ELTS package:
> [...]
> > dpkg-source: info: applying
> 92_Fix-base64d-buffer-size-CVE-2018-6789.patch
> > dpkg-source: info: applying 93_CVE-2019-15846.patch
> >
>
> it looks like the patch is present already in the debian package, that's
> good news.
>


Yes, but it's only available for people who have taken the bother of
changing their repository setup to download from the Freexian Wheezy ELTS
repo instead of the official Debian repo:

https://deb.freexian.com/extended-lts/

So while this solves the currently known issues with Exim 4.80, it is only
palliative care for Debian Wheezy.

--
Jan