[Secure-testing-commits] r58093 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 28 21:03:32 UTC 2017
Author: carnil
Date: 2017-11-28 21:03:32 +0000 (Tue, 28 Nov 2017)
New Revision: 58093
Modified:
data/CVE/list
Log:
Add commit for CVE-2017-16944/exim4
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-28 20:22:18 UTC (rev 58092)
+++ data/CVE/list 2017-11-28 21:03:32 UTC (rev 58093)
@@ -1445,6 +1445,7 @@
[jessie] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
[wheezy] - exim4 <not-affected> (ESMTP CHUNKING extension introduced in 4.88)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2201
+ NOTE: https://git.exim.org/exim.git/commitdiff/178ecb70987f024f0e775d87c2f8b2cf587dd542
NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: 4.89-10 adds a workaround which disables the affected code by default
CVE-2017-16943 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...)
More information about the Secure-testing-commits
mailing list