https://nvd.nist.gov/vuln/detail/CVE-2024-39929: "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users." https://bugs.exim.org/show_bug.cgi?id=3099
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1097635d14eeaaa52eeda75da3257a08c27bcf30 commit 1097635d14eeaaa52eeda75da3257a08c27bcf30 Author: Fabian Groffen <grobian@gentoo.org> AuthorDate: 2024-08-21 07:39:00 +0000 Commit: Fabian Groffen <grobian@gentoo.org> CommitDate: 2024-08-21 07:39:47 +0000 mail-mta/exim-4.97.1-r6: CVE-2024-39929 Bug: https://bugs.gentoo.org/938214 Signed-off-by: Fabian Groffen <grobian@gentoo.org> mail-mta/exim/exim-4.97.1-r6.ebuild | 637 +++++++++++++++++++++ .../files/exim-4.97.1-CVE-2024-39929-part1.patch | 111 ++++ .../files/exim-4.97.1-CVE-2024-39929-part2.patch | 247 ++++++++ 3 files changed, 995 insertions(+)
Fixed in mail-mta/exim-4.98
Fixbackported in mail-mta/exim-4.97.1-r6, which is running stable. 4.98 is masked due to segfaults in helper scripts.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27ed5e48f7fcdd986681da73ae9af15de4f53039 commit 27ed5e48f7fcdd986681da73ae9af15de4f53039 Author: Fabian Groffen <grobian@gentoo.org> AuthorDate: 2024-11-26 07:47:56 +0000 Commit: Fabian Groffen <grobian@gentoo.org> CommitDate: 2024-11-26 07:48:30 +0000 mail-mta/exim: cleanup vulnerable Bug: https://bugs.gentoo.org/938214 Signed-off-by: Fabian Groffen <grobian@gentoo.org> mail-mta/exim/exim-4.97.1-r5.ebuild | 634 ------------------------------------ mail-mta/exim/exim-4.97.1.ebuild | 633 ----------------------------------- 2 files changed, 1267 deletions(-)