openSUSE-SU-2024:0218-1

Опубликовано: 25 июл. 2024

Источник: suse-cvrf

Описание

Security update for exim

This update for exim fixes the following issues:

CVE-2024-39929: Fixed incorrect parsing of multiline rfc2231 header filename (boo#1227423).

Список пакетов

SUSE Package Hub 15 SP5

exim-4.97.1-bp155.5.12.1

eximon-4.97.1-bp155.5.12.1

eximstats-html-4.97.1-bp155.5.12.1

openSUSE Leap 15.5

exim-4.97.1-bp155.5.12.1

eximon-4.97.1-bp155.5.12.1

eximstats-html-4.97.1-bp155.5.12.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3XAMVZ4QHUCDCCXUDIQEZCTUQTZA2P46/
E-Mail link for openSUSE-SU-2024:0218-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227423
SUSE Bug 1227423
https://www.suse.com/security/cve/CVE-2024-39929/
SUSE CVE CVE-2024-39929 page

Описание

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.

Затронутые продукты

SUSE Package Hub 15 SP5:exim-4.97.1-bp155.5.12.1

SUSE Package Hub 15 SP5:eximon-4.97.1-bp155.5.12.1

SUSE Package Hub 15 SP5:eximstats-html-4.97.1-bp155.5.12.1

openSUSE Leap 15.5:exim-4.97.1-bp155.5.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-39929.html
CVE-2024-39929
https://bugzilla.suse.com/1227423
SUSE Bug 1227423

openSUSE-SU-2024:0218-1

Описание

Список пакетов

SUSE Package Hub 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2024-39929

Описание

Затронутые продукты

Ссылки