[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-51766/exim4 via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 25 07:34:59 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c008ab0a by Salvatore Bonaccorso at 2023-12-25T08:34:26+01:00
Track fixed version for CVE-2023-51766/exim4 via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,7 +4,7 @@ CVE-2023-51767 (OpenSSH through 9.6, when common types of DRAM are used, might a
[bullseye] - openssh <postponed> (Revisit once hardening/mitigation for Rowhammer type of attack exists)
NOTE: https://arxiv.org/abs/2309.02545
CVE-2023-51766 (Exim through 4.97 allows SMTP smuggling in certain configurations. Rem ...)
- - exim4 <unfixed> (bug #1059387)
+ - exim4 4.97-3 (bug #1059387)
NOTE: https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
NOTE: https://www.openwall.com/lists/oss-security/2023/12/21/6
NOTE: https://bugs.exim.org/show_bug.cgi?id=3063
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c008ab0a1f600b66d8ee348556da7b123bac4a20
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c008ab0a1f600b66d8ee348556da7b123bac4a20
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231225/45792f7a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list