CERT mailing list archives

Exim Releases Security Patches

From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Thu, 13 Jun 2019 15:34:33 -0500

Cybersecurity and Infrastructure Security Agency Logo

National Cyber Awareness System:



Exim Releases Security Patches [ 
https://www.us-cert.gov/ncas/current-activity/2019/06/13/Exim-Releases-Security-Patches ] 06/13/2019 03:41 PM EDT 
Original release date: June 13, 2019

Exim has released patches to address a vulnerability affecting Exim versions 4.874.91. A remote attacker could exploit 
this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Exim 
CVE-2019-10149 [ https://www.exim.org/static/doc/security/CVE-2019-10149.txt ] page and either upgrade to Exim 4.92 or 
apply the necessary patches.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } ________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ]  

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]

Current thread:

Exim Releases Security Patches US-CERT (Jun 13)
- <Possible follow-ups>
- Exim Releases Security Patches US-CERT (Sep 06)