Bug#764348: exim4: Mime Parser Bug in Exim 4.80
Sven Geggus
lists at fuchsschwanzdomain.de
Tue Oct 7 12:01:31 UTC 2014
Package: exim4
Version: 4.80-7
Severity: normal
Dear Maintainer,
exim 4.80 from Debian stable contains a mime parser bug which leads to an
invalid setting of $mime_filename
This has been fixed in newer upstream Versions by commit
1bd0d12bcbf4f51bd78c60d5bae01f1ff38c5a84
See Discussion at
https://lists.exim.org/lurker/message/20140714.133010.12ab3766.en.html
This will allow to bypass ACL checks in certain cases.
Regards
Sven
-- Package-specific info:
Exim version 4.80 #2 built 02-Jan-2013 18:59:17
Copyright (c) University of Cambridge, 1995 - 2012
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
-- System Information:
Debian Release: 7.6
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages exim4 depends on:
ii debconf [debconf-2.0] 1.5.49
ii exim4-base 4.80-7
ii exim4-daemon-heavy 4.80-7
exim4 recommends no packages.
exim4 suggests no packages.
-- debconf information:
exim4/drec:
More information about the Pkg-exim4-maintainers
mailing list