From: Seemant Kulleen <seemant@gentoo.org>
To: gentoo-announce@gentoo.org, gentoo-security@gentoo.org,
lwn@lwn.net
Subject: Buffer overflow in Exim
Date: Thu, 18 Apr 2002 20:51:38 -0700
- -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE : exim
SUMMARY : security vulnerability in exim
DATE : Apr 19 03:02:46 UTC 2002
- -----------------------------------------------------------------------
OVERVIEW
A security vulnerability has been found that might allow a local attacker
to gain elevated priveleges. This affects Gentoo's exim-3.34-r1 and prior
packages.
DETAIL
Fix for a security vulnerability that could allow local attackers to gain
elevated privileges though a buffer overflow exploit.
http://www.securiteam.com/unixfocus/5CP0H206AI.html
SOLUTION
It is recommended that all Gentoo Linux users who are running exim update
their systems as follows.
emerge --clean rsync
emerge exim
emerge clean
- ------------------------------------------------------------------------
rphillips@gentoo.org
seemant@gentoo.org
drobbins@gentoo.org
- ------------------------------------------------------------------------