USN-1618-1: Exim vulnerability
26 October 2012
Exim could be made to run programs if it received specially crafted network traffic.
Releases
Packages
- exim4 - Exim is a mail transport agent
Details
It was discovered that Exim incorrectly handled DKIM DNS decoding. This
flaw could allow a remote attacker to execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10
-
exim4-daemon-heavy
-
4.80-3ubuntu1.1
-
exim4-daemon-custom
-
4.80-3ubuntu1.1
-
exim4-daemon-light
-
4.80-3ubuntu1.1
Ubuntu 12.04
-
exim4-daemon-heavy
-
4.76-3ubuntu3.1
-
exim4-daemon-custom
-
4.76-3ubuntu3.1
-
exim4-daemon-light
-
4.76-3ubuntu3.1
Ubuntu 11.10
-
exim4-daemon-heavy
-
4.76-2ubuntu1.1
-
exim4-daemon-custom
-
4.76-2ubuntu1.1
-
exim4-daemon-light
-
4.76-2ubuntu1.1
Ubuntu 11.04
-
exim4-daemon-heavy
-
4.74-1ubuntu1.3
-
exim4-daemon-custom
-
4.74-1ubuntu1.3
-
exim4-daemon-light
-
4.74-1ubuntu1.3
Ubuntu 10.04
-
exim4-daemon-heavy
-
4.71-3ubuntu1.4
-
exim4-daemon-custom
-
4.71-3ubuntu1.4
-
exim4-daemon-light
-
4.71-3ubuntu1.4
In general, a standard system update will make all the necessary changes.