Summary: | mail-mta/exim: two buffer overflows | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | andreas.korinek, peitolm, pfeifer |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html | ||
Whiteboard: | B1 [glsa] vorlon | ||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2005-01-06 06:21:24 UTC
peitolm, pfeifer: pls verify and apply patches ___ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0022 http://secunia.com/advisories/13713/ http://securitytracker.com/alerts/2005/Jan/1012771.html Just as I was going to mark 4.43 stable,Will patch, test and fix tomorrow, hopefully Philip will release a new version soon. exim-4.43-r2 seems to be the patched version arches please test and mark stable current KEYWORDS="~x86 ~sparc ~hppa ~alpha ~amd64 ~ia64" target KEYWORDS="x86 sparc hppa alpha amd64 ~ia64" A few CANs for you : CAN-2005-0021 Buffer overflow in the host_aton function via cmdln option CAN-2005-0022 Buffer overflow in the spa_base64_to_bits function I will mark stable on x86 and sparc when I'm happy it is stable, could other archs please test and add ~<arch> I plan to bump to stable in just over 24Hrs time. Stable on hppa. Alpha looks good. AMD64 stable. ppc needs this stable too marking stable on x86, sparc, hppa, alpha, amd64, ppc. ia64 should add ~ia64 KEYWORD. Ready for GLSA GLSA 200501-23 ia64, dont't forget to add the keyword to benefit from the GLSA *** Bug 81134 has been marked as a duplicate of this bug. *** |