Re: Heads-up: EXIM remote root exploit published
On Sun, Dec 12, 2010 at 02:20:39PM +0100, Thomas Krichel wrote:
> | For the testing distribution (squeeze) and the unstable distribution
> | (sid), this problem has been fixed in version 4.70-1.
> but here
> root@wotan:~# aptitude show exim4 | grep ^Version
> Version: 4.72-2
> so nothing to do or did they get the version number wrong in the
The version number in the DSA is to the best of my knowledge correct. The
issue got fixed upstream in 4.70 without someone realizing that it is/was
exploitable. So it has already been fixed in testing and unstable for a
You might want to read the corresponding thread on the exim mailinglist
if you dare for the details.
And I don't know much, but I do know this:
With a golden heart comes a rebel fist.
[ Streetlight Manifesto - Here's To Life ]