drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in Exim
Name: |
Mangelnde Rechteprüfung in Exim |
|
ID: |
USN-4366-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 14.04 ESM, Ubuntu 19.10, Ubuntu 20.04 LTS |
|
Datum: |
Di, 19. Mai 2020, 16:59 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783 |
|
Applikationen: |
exim |
|
Originalnachricht |
--===============5668994123055114019== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="x+6KMIRAuhnl3hBn" Content-Disposition: inline
--x+6KMIRAuhnl3hBn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4366-1 May 19, 2020
exim4 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS - Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM
Summary:
Exim could be made to access sensitive information or bypass authentication if it received a specially crafted input.
Software Description: - exim4: Exim is a mail transport agent
Details:
It was discovered that Exim incorrectly handled certain inputs. An remote attacker could possibly use this issue to access sensitive information or authentication bypass.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: exim4-base 4.93-13ubuntu1.1 exim4-daemon-heavy 4.93-13ubuntu1.1 exim4-daemon-light 4.93-13ubuntu1.1
Ubuntu 19.10: exim4-base 4.92.1-1ubuntu3.1 exim4-daemon-heavy 4.92.1-1ubuntu3.1 exim4-daemon-light 4.92.1-1ubuntu3.1
Ubuntu 18.04 LTS: exim4-base 4.90.1-1ubuntu1.5 exim4-daemon-heavy 4.90.1-1ubuntu1.5 exim4-daemon-light 4.90.1-1ubuntu1.5
Ubuntu 16.04 LTS: exim4-base 4.86.2-2ubuntu2.6 exim4-daemon-heavy 4.86.2-2ubuntu2.6 exim4-daemon-light 4.86.2-2ubuntu2.6
Ubuntu 14.04 ESM: exim4-base 4.82-3ubuntu2.4+esm2 exim4-daemon-heavy 4.82-3ubuntu2.4+esm2 exim4-daemon-light 4.82-3ubuntu2.4+esm2
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4366-1 CVE-2020-12783
Package Information: https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.1 https://launchpad.net/ubuntu/+source/exim4/4.92.1-1ubuntu3.1 https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.5 https://launchpad.net/ubuntu/+source/exim4/4.86.2-2ubuntu2.6
--x+6KMIRAuhnl3hBn Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl7D53IACgkQRbznW4QL H2l/4RAAmv7gvofj13RopyxukeCDp6/u1Hf2mlhXecI4oO8F2tcT99uJdaYyUAkF Pa2UYixDwT1kDE6+UIgz/xrp7dWNZi79hExAWFufKo9vMz/HPjchJlWZq+RLfH9j BkFV0lxEYO8vGN4N977SmLwx4epapZXMm4gGVGFoVUgVmNu4OYwnyWEP6BkkqLYz llCsvFt7wiWyx09nlcAyXR6J1bqnEHilYwV8dnWCwXPxBesnyStAnCJ+BWwp5AXK xX1Ee9WnL6lRRye9Pi/sNbIqMtbZcdkgoPYVjF3kVLxp3YPVlmZf+HPbTYheAF78 jfLZ6VzFnvBlVqEek/A8lQDRLWz7PKezSl3mBV+XriCPRomy8LMR89auZCK3QDm8 Bfyx4yLfRgfC7YqL4ynGKJhsANRmsbdNOxoc+00KmGJv7momTNDa7c3ApB3Dadfo HPtS0pHPyCy+eFqq52pBm8QRi1IzrlxgqfaDDxNQ4pGBEUTTZsHQUA5OL/7yvoCM 1I0BQrCguJtGPtK6OITJjRxjoyNs7V+CS9JOJJ6nf6/WtU/1uPg7NWAQPVUS07ZF m/ruv04x8mwJPODjf3ooJBiCWkehCOeeOYwotz5ZsPbO1p4/jBBGBMuKTH0t0gzw ZZGwNwg40X+vKJUtMupeyx4HA/ks21nOsKr5LcKhj8Fr0mzX61E= =j5W/ -----END PGP SIGNATURE-----
--x+6KMIRAuhnl3hBn--
--===============5668994123055114019== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|