drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Exim
Name: |
Ausführen beliebiger Kommandos in Exim |
|
ID: |
USN-5741-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10 |
|
Datum: |
Do, 24. November 2022, 21:23 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559 |
|
Applikationen: |
exim |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============7165642221758311963== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------WjoqkB0ZY3AdhgnD2sfexahH"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------WjoqkB0ZY3AdhgnD2sfexahH Content-Type: multipart/mixed; boundary="------------9of6vm8vFr2ap0Tu8UXY2TRD"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <4fa652a7-c84b-f7df-a3d5-1e797a813a19@canonical.com> Subject: [USN-5741-1] Exim vulnerability
--------------9of6vm8vFr2ap0Tu8UXY2TRD Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-5741-1 November 24, 2022
exim4 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS
Summary:
Exim could be made to crash or run programs if it processed specially crafted regular expressions.
Software Description: - exim4: Exim is a mail transport agent
Details:
It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10: exim4-base 4.96-3ubuntu1.1 exim4-daemon-heavy 4.96-3ubuntu1.1 exim4-daemon-light 4.96-3ubuntu1.1
Ubuntu 22.04 LTS: exim4-base 4.95-4ubuntu2.2 exim4-daemon-heavy 4.95-4ubuntu2.2 exim4-daemon-light 4.95-4ubuntu2.2
Ubuntu 20.04 LTS: exim4-base 4.93-13ubuntu1.7 exim4-daemon-heavy 4.93-13ubuntu1.7 exim4-daemon-light 4.93-13ubuntu1.7
Ubuntu 18.04 LTS: exim4-base 4.90.1-1ubuntu1.10 exim4-daemon-heavy 4.90.1-1ubuntu1.10 exim4-daemon-light 4.90.1-1ubuntu1.10
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5741-1 CVE-2022-3559
Package Information: https://launchpad.net/ubuntu/+source/exim4/4.96-3ubuntu1.1 https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.2 https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.7 https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.10 --------------9of6vm8vFr2ap0Tu8UXY2TRD--
--------------WjoqkB0ZY3AdhgnD2sfexahH Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmN/hVsACgkQZWnYVadE vpPI7A/9HKIG+XKWBP06uDrAqi3tcQuKzcyGPSE9w2XJ+whlM3Kpo8y0FA2X9NG+ We6tXbVL0fPQ+8GQnVk6mYavAMF63+BaOvM06RiMMDDJjEhc5jnt7Rxhhr2o6m0h 4/hObwJYiVMQr+KuAcwrtfGf5uU6eIVjP4SUbwnwxw5njmc82JaX6OZfJkF7Vfhc z5T4hhKuphCa3k4LO3JWl39tBF1BA2QxipuJXev04r+SCrL+ij5z2MefqQW16Cp8 OcJlceTeSMc8s5W7GW/sw/jdrbJtXPswvjQkkTo3/cTEfVbyJn0MIDrxAwQO7i0B g4MdTg9aIqSuKEe86wKnazs3l6gFrGr2rHY/H2prI1eKU3hDe+h3EgFtNJiq7WsL 0oE/YL7NVbS/Y8he2Tpg4AGnxxw8HPqmMlX8/Z1+YXcSVrSHF/HTiUSKAGLcEIrI 93we1OmzXZUejFv3l6gzx3axo1qnfCe7vBVn1ZfXnbtY9FV7gTEfMY39Z3MW/UFQ 1jT6PycjTkcnzgvjzdiIMtzvkYkq+E1I2oGiiepO2QnLNn0OmTgLjCd7HmzLJmE/ iY8SUaWyXl2YoSvHWpBMyOzmxQ/GLixqTyLf9MiUPx5haGVKmPChnvgYZIcC8BAq 95V5jrorcGz/TQizJI09jBqvdUX3Db2ruJ2j/ukUnXgTNstBEQE= =hIu9 -----END PGP SIGNATURE-----
--------------WjoqkB0ZY3AdhgnD2sfexahH--
--===============7165642221758311963== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============7165642221758311963==--
|
|
|
|