Summary: | Security bug found in Exim by Philip Hazel | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Christian Gut <cycloon> |
Component: | Current packages | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | net-mail+disabled, tberman, tschafer |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Christian Gut
2003-08-15 09:25:51 UTC
[Security dept.: The patches are at the URL if you are confused] Forwarding on to security dept. exim-4.21 is now in portage. including ipv6 support. exiscan has been deprecated. exiscan-acl is now the only choice. 4.20 and 3.36 still need the patches added. exim-4.22 has been added to portage. I will be adding the patch for 3.36 but as we have newer version fof exim available I think it would be wise to make 4.22 stable after we get a couple more "this one works fine" reports. Okay... I take that back. I thought we still had a 3.x build in portage. Guess we don't ;) anyone could tell how long it would take to get a fixed stable version? This bug is now on bugtraq and major news sites (heise.de). I think we should definitely get a stable ebuild, either with patch or with 2.4.21. Also a GLSA would be in need, i think. Bugs have been fixed ( thanks to Nick raker@gentoo.org ) A GLSA was sent http://forums.gentoo.org/viewtopic.php?t=84447 Changing resolution to FIXED |