date:20050112

Re: [ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

2005-01-12 Thread Pankaj kaushal

Suresh Ramasubramanian wrote:
Raj Mathur <[EMAIL PROTECTED]> wrote:
[Please upgrade Exim on all platforms immediately -- Raju]

You already posted this for 4.x
Debian has now backported this fix for 3.x versions (which are obsolete, 
so that only debian users keep using the old version when everybody else 
has moved on for over two years to the 4.x versions)
Hey! who are you calling backward? Woody is still *the* stable to run.
/me runs with placards stating "The end is near. stick to woody."
:)
--
Morality is heard instinct in the individual.
-- Nietzsche.
___
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/

Re: [ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

2005-01-12 Thread Raj Mathur

> "Suresh" == Suresh Ramasubramanian <[EMAIL PROTECTED]> writes:

Suresh> Raj Mathur <[EMAIL PROTECTED]> wrote:
>> [Please upgrade Exim on all platforms immediately -- Raju]

Suresh> You already posted this for 4.x

Oops, right!  Welcome to the first security posting screw-up of 2005
too :)

Regards,

-- Raju
-- 
Raj Mathur[EMAIL PROTECTED]  http://kandalaya.org/
   GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
  It is the mind that moves

___
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/

[ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

2005-01-12 Thread Suresh Ramasubramanian

Raj Mathur <[EMAIL PROTECTED]> wrote:
[Please upgrade Exim on all platforms immediately -- Raju]
You already posted this for 4.x
Debian has now backported this fix for 3.x versions (which are obsolete, 
so that only debian users keep using the old version when everybody else 
has moved on for over two years to the 4.x versions)

   suresh 

___
ilugd mailinglist -- ilugd@lists.linux-delhi.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/ilugd@lists.linux-delhi.org/

[ilugd] (fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

2005-01-12 Thread Raj Mathur

[Please upgrade Exim on all platforms immediately -- Raju]

This is an RFC 1153 digest.
(1 message)
--

Message-Id: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED] (Martin Schulze)
To: bugtraq@securityfocus.com
Subject: [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution
Date: Wed, 12 Jan 2005 08:47:42 +0100 (CET)

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- --
Debian Security Advisory DSA 635-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
January 12th, 2005  http://www.debian.org/security/faq
- --

Package: exim
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID : CAN-2005-0021
Debian Bug : 289046

Philip Hazel announced a buffer overflow in the host_aton function in
exim, the default mail-tranport-agent in Debian, which can lead to the
execution of arbitrary code via an illegal IPv6 address.

For the stable distribution (woody) this problem has been fixed in
version 3.35-1woody4.

For the unstable distribution (sid) this problem has been fixed in
version 3.36-13 of exim and 4.34-10 of exim4.

We recommend that you upgrade your exim and exim4 packages.


Upgrade Instructions
- 

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- 

  Source archives:

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4.dsc
  Size/MD5 checksum:  661 d97ecab579bd3dbaa3e9be00b8b16d85

http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4.diff.gz
  Size/MD5 checksum:80195 a02abeefa9d1145ae623ad661aab5f5a
http://security.debian.org/pool/updates/main/e/exim/exim_3.35.orig.tar.gz
  Size/MD5 checksum:  1271057 42d362e40a21bd7ffc298f92c8bd986a

  Alpha architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_alpha.deb
  Size/MD5 checksum:   872796 a46f5dc95d777366cb492eb57ec8dd9f

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_alpha.deb
  Size/MD5 checksum:52318 bf93e35aec9f401d8413015c50f5cbae

  ARM architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_arm.deb
  Size/MD5 checksum:   785980 5ced90e4c4ecd1ca6a60980634b309e8

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_arm.deb
  Size/MD5 checksum:43514 07b7324395ff66f68db354c6b4589db7

  Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_i386.deb
  Size/MD5 checksum:   759270 9001a456b0a34f4bf5de88d901c70a97

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_i386.deb
  Size/MD5 checksum:39210 78e5eecee7101a355ddabec9d0f07b98

  Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_ia64.deb
  Size/MD5 checksum:   972852 43f4fc30483d8ad5c42e031fd64a9e8d

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_ia64.deb
  Size/MD5 checksum:65166 cdc921d9be2ec60b5f0ed95a5b976732

  HP Precision architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_hppa.deb
  Size/MD5 checksum:   815358 c506baffb4404f32762468fbc494551c

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_hppa.deb
  Size/MD5 checksum:48294 d90efe5be79e966e07a7cbe8e9013939

  Motorola 680x0 architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_m68k.deb
  Size/MD5 checksum:   737856 aefe6b63ebd03e9fe449afe22e752547

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_m68k.deb
  Size/MD5 checksum:37752 e0d2b938e50c3b408928b8150459ad2b

  Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_mips.deb
  Size/MD5 checksum:   824458 0c1db679287a6de37f2c320f335c650c

http://security.debian.org/pool/updates/main/e/exim/eximon_3.35-1woody4_mips.deb
  Size/MD5 checksum:48882 1670c36409482a8a870becf826f7ae68

  Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/e/exim/exim_3.35-1woody4_mipsel.deb
  Size/MD5 checksum:   824846 88564f1d1b0c1781587d5db1bccdde77

http://security.debian.org/pool/updates

Re: [ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

Re: [ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

[ilugd] Re: [LIH](fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

[ilugd] (fwd) [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution

4 matches

Site Navigation

Mail list logo

Footer information