Package: exim4 Version: 4.69-9 Severity: critical Tags: security Justification: root security hole
There is a discussion on exim-dev[0] relating to an incident of root-level compromise owing to a couple of bugs. The first (the remote attack) appears[1] to be related to a bug already fixed in mainline[2]. [0] <http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html> [1] <http://www.exim.org/lurker/message/20101210.071922.233697ac.en.html#exim-dev> [2] <http://bugs.exim.org/show_bug.cgi?id=787> I hadn't seen any response from any Debian people on this (publically at least) so I thought it would be worth filing this bug, to make sure the right people are aware of the issue. Cheers, Dominic. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
