[Secure-testing-commits] r58012 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 25 09:33:08 UTC 2017
Author: carnil
Date: 2017-11-25 09:33:08 +0000 (Sat, 25 Nov 2017)
New Revision: 58012
Modified:
data/CVE/list
Log:
Add exim4 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-25 09:22:56 UTC (rev 58011)
+++ data/CVE/list 2017-11-25 09:33:08 UTC (rev 58012)
@@ -1,3 +1,9 @@
+CVE-2017-XXXX [exim4: remote code execution in chunking]
+ - exim4 <unfixed> (bug #882648)
+ [jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
+ [wheezy] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
+ NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
+ NOTE: https://twitter.com/philpennock/status/934270613811875840
CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...)
TODO: check
CVE-2017-16940
More information about the Secure-testing-commits
mailing list