[Slackbuilds-users] Exim & CVE-2016-9963
Thomas Morper
thomas at beingboiled.info
Sun Dec 25 15:16:20 UTC 2016
Happy holidays, everyone!
Two new versions of the Exim Internet Mailer were released today to fix a
security issue where DKIM keys can be leaked to log files and remote
hosts if several conditions are met. For details see:
https://exim.org/static/doc/CVE-2016-9963.txt
I've prepared builds for the fixed versions. These builds are somewhat
improvised, though, as I currently don't have access to my usual build and
test environment. If you use DKIM signing, have a look at
https://beingboiled.info/file/exim-4.87.1.tar.gz or
https://beingboiled.info/file/exim-4.88.tar.gz
If you don't use DKIM the existing 4.87 should be safe. Nevertheless, I'll
submit a regular update within the next few days.
--
More information about the SlackBuilds-users
mailing list