This project is archived. Its data is read-only.

Commit 42a49966 authored Mar 03, 2016 by Gustavo Zacarias Committed by Peter Korsgaard Mar 03, 2016

exim: security bump to version 4.86.2



Fixes:
CVE-2016-1531 - All installations having Exim set-uid root and using
'perl_startup' are vulnerable to a local privilege escalation. Any user
who can start an instance of Exim (and this is normally *any* user) can
gain root privileges. If you do not use 'perl_startup' you *should* be
safe.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 527b7b11

package/exim/exim.hash

+2 −2

Original line number	Diff line number	Diff line
		# From https://lists.exim.org/lurker/message/20150726.143052.f70a32f0.en.html
		sha256 f1ccf2ce2ea51b7fbbf160e7e0e41d24ca401cf44a185128ad99ea04635fc456 exim-4.86.tar.bz2
		# Locally calculated after checking pgp signature
		sha256 7756deafd0583776e091f2efcba9b36203e668cf420d8876f314980803636eb3 exim-4.86.2.tar.bz2

package/exim/exim.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,7 @@
		#
		################################################################################

		EXIM_VERSION = 4.86
		EXIM_VERSION = 4.86.2
		EXIM_SOURCE = exim-$(EXIM_VERSION).tar.bz2
		EXIM_SITE = ftp://ftp.exim.org/pub/exim/exim4
		EXIM_LICENSE = GPLv2+