openSUSE-SU-2017:3220-1

Опубликовано: 05 дек. 2017

Источник: suse-cvrf

Описание

Security update for exim

This update for exim fixes the following issues:

Security issue fixed:

CVE-2017-16943: Fix possible remote code execution (boo#1069857).

Список пакетов

openSUSE Leap 42.2

exim-4.86.2-17.1

eximon-4.86.2-17.1

eximstats-html-4.86.2-17.1

openSUSE Leap 42.3

exim-4.86.2-17.1

eximon-4.86.2-17.1

eximstats-html-4.86.2-17.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2017-12/msg00009.html
E-Mail link for openSUSE-SU-2017:3220-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

Затронутые продукты

openSUSE Leap 42.2:exim-4.86.2-17.1

openSUSE Leap 42.2:eximon-4.86.2-17.1

openSUSE Leap 42.2:eximstats-html-4.86.2-17.1

openSUSE Leap 42.3:exim-4.86.2-17.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-16943.html
CVE-2017-16943
https://bugzilla.suse.com/1069857
SUSE Bug 1069857

openSUSE-SU-2017:3220-1

Описание

Список пакетов

openSUSE Leap 42.2

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-16943

Описание

Затронутые продукты

Ссылки