This bug was fixed in the package exim4 - 4.82.1-2ubuntu1 --------------- exim4 (4.82.1-2ubuntu1) utopic; urgency=low
* Merge from Debian unstable (LP: #1348074). Remaining changes: - Show Ubuntu distribution on smtp: + debian/patches/fix_smtp_banner.patch: updated SMTP banner with Ubuntu distribution + debian/control: added lsb-release build dependency - Don't provide default-mta; in Ubuntu, we want postfix to be the default. exim4 (4.82.1-2) unstable; urgency=high * [87_double_expansion.diff] from upstream. Stop unwanted double expansion of arguments to mathematical comparison operations. exim4 (4.82.1-1) unstable; urgency=high * New upstream security release, fixing CVE-2014-2957. This is a remote code execution flaw in Exim version 4.82 (only) when built with DMARC support. Debian's binary packages are not built with DMARC support and therefore not vulnerable. However we want to fix this for people building their own binaries based on Debian's packaging. -- Robie Basak <robie.ba...@ubuntu.com> Fri, 25 Jul 2014 15:53:09 +0000 ** Changed in: exim4 (Ubuntu) Status: Triaged => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-2957 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1348074 Title: Please merge exim4 4.82.1-2 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1348074/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs