oss-sec mailing list archives

Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges.

From: Heiko Schlittermann <hs () schlittermann de>
Date: Wed, 4 Sep 2019 12:46:49 +0200

Heiko Schlittermann <hs () nodmarc schlittermann de> (Mi 04 Sep 2019 11:22:48 CEST):

*** Note: EMBARGO is still in effect!       ***
*** Distros must not publish any detail yet ***


As I saw blocked accesses to our security repo:

If you're entitled to access our non-public security repository, please
update your "remote". The git URL is now:

    ssh://git () git exim org/exim-security
    ssh://git () git exim org/exim-packages-security

(We addedd the -security suffix.)

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

Attachment: signature.asc
Description:

Current thread:

CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 04)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 04)
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
  - Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
    - Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 06)
    - Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Sebastian Nielsen (Sep 06)
    - Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Phil Pennock (Sep 06)
    - Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Heiko Schlittermann (Sep 06)
    - Re: Sv: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges Phil Pennock (Sep 09)
- <Possible follow-ups>
- Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Heiko Schlittermann (Sep 05)
  - Re: Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. akuster (Sep 06)
    - Re: Re: CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges. Sylvain Beucler (Sep 08)