drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in Exim
| Name: |
Mangelnde Rechteprüfung in Exim |
|
| ID: |
USN-4366-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 14.04 ESM, Ubuntu 19.10, Ubuntu 20.04 LTS |
|
| Datum: |
Di, 19. Mai 2020, 16:59 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783 |
|
| Applikationen: |
exim |
|
Originalnachricht |
--===============5668994123055114019==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="x+6KMIRAuhnl3hBn"
Content-Disposition: inline
--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4366-1
May 19, 2020
exim4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
Summary:
Exim could be made to access sensitive information or bypass
authentication if it received a specially crafted input.
Software Description:
- exim4: Exim is a mail transport agent
Details:
It was discovered that Exim incorrectly handled certain inputs.
An remote attacker could possibly use this issue to access sensitive
information or authentication bypass.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
exim4-base 4.93-13ubuntu1.1
exim4-daemon-heavy 4.93-13ubuntu1.1
exim4-daemon-light 4.93-13ubuntu1.1
Ubuntu 19.10:
exim4-base 4.92.1-1ubuntu3.1
exim4-daemon-heavy 4.92.1-1ubuntu3.1
exim4-daemon-light 4.92.1-1ubuntu3.1
Ubuntu 18.04 LTS:
exim4-base 4.90.1-1ubuntu1.5
exim4-daemon-heavy 4.90.1-1ubuntu1.5
exim4-daemon-light 4.90.1-1ubuntu1.5
Ubuntu 16.04 LTS:
exim4-base 4.86.2-2ubuntu2.6
exim4-daemon-heavy 4.86.2-2ubuntu2.6
exim4-daemon-light 4.86.2-2ubuntu2.6
Ubuntu 14.04 ESM:
exim4-base 4.82-3ubuntu2.4+esm2
exim4-daemon-heavy 4.82-3ubuntu2.4+esm2
exim4-daemon-light 4.82-3ubuntu2.4+esm2
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4366-1
CVE-2020-12783
Package Information:
https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.1
https://launchpad.net/ubuntu/+source/exim4/4.92.1-1ubuntu3.1
https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.5
https://launchpad.net/ubuntu/+source/exim4/4.86.2-2ubuntu2.6
--x+6KMIRAuhnl3hBn
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl7D53IACgkQRbznW4QL
H2l/4RAAmv7gvofj13RopyxukeCDp6/u1Hf2mlhXecI4oO8F2tcT99uJdaYyUAkF
Pa2UYixDwT1kDE6+UIgz/xrp7dWNZi79hExAWFufKo9vMz/HPjchJlWZq+RLfH9j
BkFV0lxEYO8vGN4N977SmLwx4epapZXMm4gGVGFoVUgVmNu4OYwnyWEP6BkkqLYz
llCsvFt7wiWyx09nlcAyXR6J1bqnEHilYwV8dnWCwXPxBesnyStAnCJ+BWwp5AXK
xX1Ee9WnL6lRRye9Pi/sNbIqMtbZcdkgoPYVjF3kVLxp3YPVlmZf+HPbTYheAF78
jfLZ6VzFnvBlVqEek/A8lQDRLWz7PKezSl3mBV+XriCPRomy8LMR89auZCK3QDm8
Bfyx4yLfRgfC7YqL4ynGKJhsANRmsbdNOxoc+00KmGJv7momTNDa7c3ApB3Dadfo
HPtS0pHPyCy+eFqq52pBm8QRi1IzrlxgqfaDDxNQ4pGBEUTTZsHQUA5OL/7yvoCM
1I0BQrCguJtGPtK6OITJjRxjoyNs7V+CS9JOJJ6nf6/WtU/1uPg7NWAQPVUS07ZF
m/ruv04x8mwJPODjf3ooJBiCWkehCOeeOYwotz5ZsPbO1p4/jBBGBMuKTH0t0gzw
ZZGwNwg40X+vKJUtMupeyx4HA/ks21nOsKr5LcKhj8Fr0mzX61E=
=j5W/
-----END PGP SIGNATURE-----
--x+6KMIRAuhnl3hBn--
--===============5668994123055114019==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
