Your message dated Sat, 02 Dec 2017 19:32:22 +0000
with message-id <e1eldwq-000chu...@fasolo.debian.org>
and subject line Bug#882648: fixed in exim4 4.89-2+deb9u2
has caused the Debian Bug report #882648,
regarding exim4: CVE-2017-16943: use-after-free vulnerability while reading mail header
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
882648: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: exim4
Version: 4.89-9
Severity: grave
Tags: security
Justification: remote code execution
Source: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
----- Forwarded message from Phil Pennock <p...@exim.org> -----
Date: Fri, 24 Nov 2017 22:48:42 -0500
From: Phil Pennock <p...@exim.org>
To: exim-annou...@exim.org
Subject: [exim-announce] Critical Exim Security Vulnerability: disable chunking
Reply-To: exim-announce-ow...@exim.org
Folks,
A remote code execution vulnerability has been reported in Exim, with
immediate public disclosure (we were given no private notice).
A tentative patch exists but has not yet been confirmed.
With immediate effect, please apply this workaround: if you are running
Exim 4.88 or newer (4.89 is current, 4.90 is upcoming) then in the main
section of your Exim configuration, set:
chunking_advertise_hosts =
That's an empty value, nothing on the right of the equals. This
disables advertising the ESMTP CHUNKING extension, making the BDAT verb
unavailable and avoids letting an attacker apply the logic.
This should be a complete workaround. Impact of applying the workaround
is that mail senders have to stick to the traditional DATA verb instead
of using BDAT.
We've requested CVEs. More news will be forthcoming as we get this
worked out.
-Phil
--
## List details at https://lists.exim.org/mailman/listinfo/exim-announce Exim details at http://www.exim.org/ ##
----- End forwarded message -----
--- End Message ---
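As an added example (not part of the bug report, the announcement, or Exim itself), here are two checks a mail administrator can run to confirm the `chunking_advertise_hosts =` workaround quoted above is actually in effect: a static check over the main section of the Exim configuration, and a check of the EHLO reply that a sending host would see. It assumes Exim's built-in default for `chunking_advertise_hosts` is `*` (advertise to every host), so an absent or commented-out setting counts as still advertising; the hostnames, addresses and configuration fragments are constructed for the example.

```python
import re
import smtplib

# Only the main section counts: Exim reads main options up to the first "begin" line.
_OPT = re.compile(r"^[ \t]*chunking_advertise_hosts[ \t]*=[ \t]*(.*?)[ \t]*$", re.MULTILINE)

def main_section(config_text: str) -> str:
    """Return the part of an Exim configuration before the first 'begin ...' line."""
    kept = []
    for line in config_text.splitlines():
        if re.match(r"^\s*begin\b", line):
            break
        kept.append(line)
    return "\n".join(kept)

def config_disables_chunking(config_text: str) -> bool:
    """True only if the main section sets chunking_advertise_hosts to an empty value.

    Assumption: Exim's built-in default for this option is '*', so an absent,
    commented-out, or misplaced (wrong section) setting still advertises CHUNKING.
    """
    values = _OPT.findall(main_section(config_text))
    return bool(values) and values[-1] == ""

def ehlo_advertises_chunking(ehlo_reply: bytes) -> bool:
    """Inspect a raw multi-line EHLO reply for a '250-CHUNKING' or '250 CHUNKING' line.

    The first reply line carries the server greeting, not an extension, so skip it.
    """
    for line in ehlo_reply.decode("ascii", "replace").splitlines()[1:]:
        m = re.match(r"^250[ -](\S+)", line)
        if m and m.group(1).upper() == "CHUNKING":
            return True
    return False

def server_advertises_chunking(host: str, port: int = 25, timeout: float = 10) -> bool:
    """Live variant: EHLO against a listener you administer and read its extension list."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo("workaround-check.example")  # hypothetical client name
        return smtp.has_extn("chunking")

# Constructed samples (not captured from a real host): before and after the workaround.
EHLO_BEFORE = (b"250-mail.example.org Hello probe [192.0.2.10]\r\n250-SIZE 52428800\r\n"
               b"250-8BITMIME\r\n250-PIPELINING\r\n250-CHUNKING\r\n250-STARTTLS\r\n250 HELP\r\n")
EHLO_AFTER = EHLO_BEFORE.replace(b"250-CHUNKING\r\n", b"")
CONFIG_BEFORE = "primary_hostname = mail.example.org\n# chunking_advertise_hosts =\nbegin acl\n"
CONFIG_AFTER = "primary_hostname = mail.example.org\nchunking_advertise_hosts =\nbegin acl\n"
```

Run `server_advertises_chunking("your.mta.example")` against your own listener after a restart; it must return False once the workaround (or the fixed package) is in place.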
--- Begin Message ---
Source: exim4
Source-Version: 4.89-2+deb9u2
We believe that the bug you reported is fixed in the latest version of
exim4, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated exim4 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
Format: 1.8
Date: Tue, 28 Nov 2017 22:58:00 +0100
Source: exim4
Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy
eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-dev
Architecture: source
Version: 4.89-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Exim4 Maintainers <pkg-exim4-maintain...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 882648 882671
Description:
exim4 - metapackage to ease Exim MTA (v4) installation
exim4-base - support files for all Exim MTA (v4) packages
exim4-config - configuration for the Exim MTA (v4)
exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-acl
exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA "heavy" daemon
exim4-daemon-light - lightweight Exim MTA (v4) daemon
exim4-daemon-light-dbg - debugging symbols for the Exim MTA "light" daemon
exim4-dbg - debugging symbols for the Exim MTA (utilities)
exim4-dev - header files for the Exim MTA (v4) packages
eximon4 - monitor application for the Exim MTA (v4) (X11 interface)
Changes:
exim4 (4.89-2+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Avoid release of store if there have been later allocations
(CVE-2017-16943) (Closes: #882648)
* Chunking: do not treat the first lonely dot special (CVE-2017-16944)
(Closes: #882671)
--- End Message ---