 Relationships |
|
| Anonymous | Login | 2024-05-06 16:27 CEST |
| Main | My View | View Issues |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0004631 | [exim] upgrade | major | have not tried | 2010-12-13 12:31 | 2010-12-21 01:53 | ||
| Reporter | dm26 | View Status | public | ||||
| Assigned To | bwalton | ||||||
| Priority | normal | Resolution | fixed | ||||
| Status | closed | ||||||
| Summary | 0004631: Upgrade exim to 4.72 | ||||||
| Description |
Please upgrade exim to the latest version. The current OpenCSW version (4.68) has a remote root vulnerability. The exploit is detailed here: http://isc.sans.edu/diary.html?storyid=10057 [^] |
||||||
| Additional Information | |||||||
| Tags | No tags attached. | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|
|
Notes |
|
|
(0008559) bwalton (administrator) 2010-12-14 03:20 |
Working on it. -Ben |
|
(0008572) bwalton (administrator) 2010-12-16 00:01 |
Packages available in experimental. I haven't tested these myself yet, so treat with care. I won't have a chance to do so until alter tonight. pkgutil -t http://buildfarm.opencsw.org/opencsw/experimental/exim [^] -i CSWexim Thanks -Ben |
|
(0008576) bwalton (administrator) 2010-12-16 22:19 |
The updates have serious issues. I'm working to resolve them. More on this later tonight... |
|
(0008596) bwalton (administrator) 2010-12-18 20:53 |
Ok, the update in experimental seem reasonable to me. Please test and let me know your experience. http://buildfarm.opencsw.org/experimental.html#exim [^] Sorry this has taken so long. :( Thanks -Ben |
|
(0008607) dm26 (reporter) 2010-12-20 15:54 |
Ben, I've tested the new build on a couple of servers and it looks ok so far. Thanks for your help. Darren Miller |
|
(0008608) bwalton (administrator) 2010-12-20 16:08 |
Hi Darren, Are you by any chance using either of the mysql or postgresql lookup facilities? My own exim use is as a smarthost relay, so I'm not personally using any of these advanced lookup types. Thanks -Ben |
|
(0008613) dm26 (reporter) 2010-12-20 21:37 |
Ben, no, I'm only using a basic configuration. Darren |
|
(0008620) bwalton (administrator) 2010-12-21 01:53 |
Updated packages pushed to release. -Ben |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2010-12-13 12:31 | dm26 | New Issue | |
| 2010-12-14 03:20 | bwalton | Note Added: 0008559 | |
| 2010-12-16 00:01 | bwalton | Note Added: 0008572 | |
| 2010-12-16 00:03 | bwalton | Assigned To | => bwalton |
| 2010-12-16 00:03 | bwalton | Status | new => assigned |
| 2010-12-16 22:19 | bwalton | Note Added: 0008576 | |
| 2010-12-18 20:53 | bwalton | Note Added: 0008596 | |
| 2010-12-20 15:54 | dm26 | Note Added: 0008607 | |
| 2010-12-20 16:08 | bwalton | Note Added: 0008608 | |
| 2010-12-20 21:37 | dm26 | Note Added: 0008613 | |
| 2010-12-21 01:53 | bwalton | Note Added: 0008620 | |
| 2010-12-21 01:53 | bwalton | Status | assigned => closed |
| 2010-12-21 01:53 | bwalton | Resolution | open => fixed |
| Copyright © 2000 - 2008 Mantis Group |  |
