Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:7161
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="7161"> <issue id="1044692" tracker="bnc">VUL-0: CVE-2017-1000369: exim: Qualys new root/setuid privilege escalation method 05-2017</issue> <issue id="1015930" tracker="bnc">VUL-0: CVE-2016-9963: exim: Disclosure of private information</issue> <issue id="1046971" tracker="bnc">update to 20170701 breaks exim</issue> <issue id="2016-9963" tracker="cve" /> <issue id="2016-1531" tracker="cve" /> <issue id="2017-1000369" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>pwcau</packager> <description>This update for exim fixes the following issues: Changes in exim: - specify users with ref:mail, to make them dynamic. (boo#1046971) - CVE-2017-1000369: Fixed memory leaks that could be exploited to "stack crash" local privilege escalation (boo#1044692) - Require user(mail) group(mail) to meet new users handling in TW. - Prerequire permissions (fixes rpmlint). - conditionally disable DANE on SuSE versions with OpenSSL < 1.0 - CVE-2016-1531: when installed setuid root, allows local users to gain privileges via the perl_startup argument. - CVE-2016-9963: DKIM information leakage (boo#1015930) - Makefile tuning: + add sqlite support + disable WITH_OLD_DEMIME + enable AUTH_CYRUS_SASL + enable AUTH_TLS + enable SYSLOG_LONG_LINES + enable SUPPORT_PAM + MAX_NAMED_LIST=64 + enable EXPERIMENTAL_DMARC + enable EXPERIMENTAL_EVENT + enable EXPERIMENTAL_PROXY + enable EXPERIMENTAL_CERTNAMES + enable EXPERIMENTAL_DSN + enable EXPERIMENTAL_DANE + enable EXPERIMENTAL_SOCKS + enable EXPERIMENTAL_INTERNATIONAL </description> <summary>Security update for exim</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor