Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5887-1] exim4 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5887-1] exim4 security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5887-1] exim4 security update
  • Date: Wed, 26 Mar 2025 14:41:00 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1txRwC-009FKZ-Iz AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=Y9hyOUZzU/HTiUrL4HuioxItQKNq5R5nZmpzbPABkx4=; b=S0 KmVxUZlPmHayITTbRBnjrZQup3c3HN8DXXveO+vCynME22HYgvEspcgO1HeIhTh4EIpRacJXASafy 5WshVKN9sKWPCGMLgtTdDQtuaTXgCBhl7s+IPm+x1yFVS8PCFEdur9B+c0BQqJrOD+5kbgAOKfFms iWyVSUdOiJvS0edNdHahSlF2Y5fo7qLasYrhUsKvk/1M7oadkYI5ZxSYkVik8RkE37w4sZHgA/WvC lSaDS4DGsgfhJs78BoEVsmCvfT3wVa2Z5yxl5TadLm3AxcqQ2DvQzbY/Sl7OgrxPFMh5OPc0NKJcD SL6e5rGmtj+9x7h589Him5GowKfibRlw==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 26 Mar 2025 14:41:28 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <XqWfxwXIMVL.A.kLoH.YIB5nB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5887-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 26, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : exim4
CVE ID : CVE-2025-30232

It was discovered that a use-after-free vulnerability in Exim4, a mail
transport agent, may result in privilege escalation for a local
attacker.

For the stable distribution (bookworm), this problem has been fixed in
version 4.96-15+deb12u7.

We recommend that you upgrade your exim4 packages.

For the detailed security status of exim4 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/exim4

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmfkETFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TD6xAAmsPks6VJ8GfLXlxlFtkOLhK9C2Qze1r/wnTJNfB1GQoPqIBG8h+zgXz/
JPTBYLRHVesZCjGY4N2+rGKycXzljeBSdumcNKcjOu3yKaelnuuBD1vaXB2NR+yQ
XXSGn9g/bX0//Rt5PC4U2nbw5p4UkkQ9Pda+EOFt5jjr/2cFu8RMpddfRHrL+DYe
bWdW3EarBQjAKmi74k+euBF7Cgof16XowSuyf8oTXq8TKW72r1YBC3JAF+eDu/Wt
nU4hyEDJm8D1mLORtemI6FVsy4tpWh9dwBCARZuSqy6IHOulyJK/ip2IPF/jDT1x
ENweGdFT+/4uwkhuIU3091+01WYmrCFEuc/Mio/64bLQ0VOwWrv8EKKFxLZMg+xt
E050pW+6PIy8oiUtnmtTmaLmev5pQg7gFf6eS9K9OFbNAP5LW4vGOVnEwsC7QbYF
WKKuRIuX6KvyVqOs/qIdqHT8ermJ9KJHxRXX7UZ3CArmqvRvP5Cx8BjesV5UwnEp
fUqRoIvOXuFN6xkur7td+p0UXJJIlwRl5ArVLoKcJTErOpntY+8HpdOoS0rrVHah
RJU9glohR8SGGI+Np988ReatQnRRrQkiuXUjzmaqjqkCmOtvWiU/0jKPR0E/WGU5
6Y8/3BmPsvKwLQZWis1skWLNtbNL7q3KDFiYC6VnR4GhgPwHHpY=
=tBpE
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5887-1] exim4 security update, Salvatore Bonaccorso, 26.03.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang