[Slackbuilds-users] Exim & CVE-2016-9963

Thomas Morper thomas at beingboiled.info
Sun Dec 25 15:16:20 UTC 2016


Happy holidays, everyone!

Two new versions of the Exim Internet Mailer were released today to fix a 
security issue where DKIM keys can be leaked to log files and remote 
hosts if several conditions are met. For details see:

  https://exim.org/static/doc/CVE-2016-9963.txt

I've prepared builds for the fixed versions. These builds are somewhat 
improvised, though, as I currently don't have access to my usual build and 
test environment. If you use DKIM signing, have a look at

  https://beingboiled.info/file/exim-4.87.1.tar.gz  or
  https://beingboiled.info/file/exim-4.88.tar.gz

If you don't use DKIM the existing 4.87 should be safe. Nevertheless, I'll 
submit a regular update within the next few days.

-- 


More information about the SlackBuilds-users mailing list