Author: Heiko Schlittermann

Date: 2019-09-06 10:20 UTC

To: oss-security, Exim Users, Exim Announce

Subject: Re: [exim] CVE-2019-15846: Exim - local or remote attacker can execute programs with root privileges.



CVE ID:     CVE-2019-15846
Credits:    Zerons <sironhide0null@???>, Qualys
Version(s): all versions up to and including 4.92.1
Issue:      The SMTP Delivery process in all¹ versions up to and including
            Exim 4.92.1 has a Buffer Overflow. In the default runtime
            configuration, this is exploitable with crafted Server Name
            Indication (SNI) data during a TLS negotiation. In other
            configurations, it is exploitable with a crafted client TLS
            certificate.
Details:    doc/doc-txt/cve-2019-15846 in the downloaded source tree

Coordinated Release Date (CRD) for Exim 4.92.2: 2019-09-06 10:00 UTC

Contact:    security@???

We released Exim 4.92.2. This is a security update based on 4.92.1.

Mitigation
==========

Do not offer TLS for incoming connections (tls_advertise_hosts).
This mitigation is *not* recommended!

Downloads
=========

Starting at CRD the downloads will be available from the following
sources:

Release tarballs (exim-4.92.2):
The package files are signed with my GPG key.

The full Git repo:
  https://git.exim.org/exim.git
  https://github.com/Exim/exim [mirror of the above]
  - tag exim-4.92.2
  - branch exim-4.92.2+fixes
The tagged commit is the officially released version. The tag is signed
with my GPG key. The +fixes branch isn't officially maintained, but
contains useful patches *and* the security fix. The relevant commit is
signed with my GPG key. The old exim-4.92.1+fixes branch is being
functionally replaced by the new exim-4.92.2+fixes branch.

¹) We have indications that only versions starting with 4.80 up to and
including 4.92.1 are affected.

Best regards from Dresden/Germany
Heiko Schlittermann
--
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
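As an added example (not part of this announcement or of the Exim project), the following Python check turns the two facts a defender needs from the advisory into a triage routine: the affected version range (4.80 up to and including 4.92.1 per the footnote; the headline lists all versions up to 4.92.1) and whether TLS is advertised to inbound connections via tls_advertise_hosts. The `exim -bV` banner lines are constructed samples in the shape of that command's first output line, and the function names are my own.

```python
# Added example, not Exim project code: classify a mail host for
# CVE-2019-15846 from its `exim -bV` banner and tls_advertise_hosts value.
# Assumptions: affected range 4.80 .. 4.92.1 (advisory footnote), 4.92.2 is
# the fixed release, sample banners below are constructed.
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

AFFECTED_FIRST: Version = (4, 80, 0)   # earliest affected, per the footnote
AFFECTED_LAST: Version = (4, 92, 1)    # last affected release
FIXED: Version = (4, 92, 2)            # release carrying the fix

# Constructed sample banners in the form `exim -bV` prints on its first line.
SAMPLE_BANNERS = {
    "old": "Exim version 4.72 #1 built 01-Jan-2011 00:00:00",
    "vulnerable": "Exim version 4.92.1 #3 built 10-Jul-2019 12:00:00",
    "fixed": "Exim version 4.92.2 #1 built 06-Sep-2019 09:00:00",
    "fixes_branch": "Exim version 4.92.2+fixes #1 built 06-Sep-2019 09:00:00",
}


def parse_version(banner: str) -> Optional[Version]:
    """Return (major, minor, patch) from a version string or -bV banner.

    A missing patch level counts as 0, so '4.92' sorts below '4.92.1'.
    Suffixes such as '+fixes' or '_RC1' do not take part in the comparison.
    """
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?", banner)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(banner: str) -> Optional[bool]:
    """True when the version lies in the footnote's range, None if unparsable."""
    v = parse_version(banner)
    if v is None:
        return None
    return AFFECTED_FIRST <= v <= AFFECTED_LAST


def tls_advertised(tls_advertise_hosts: str) -> bool:
    """True if the tls_advertise_hosts list is non-empty, i.e. STARTTLS is
    offered to at least some inbound connections. Exim's default is '*'."""
    return tls_advertise_hosts.strip() != ""


def assess(banner: str, tls_advertise_hosts: str = "*") -> str:
    """Classify a host. Only the update removes the bug; an empty
    tls_advertise_hosts merely removes the TLS code path the advisory names,
    which is the mitigation the announcement explicitly does not recommend."""
    v = parse_version(banner)
    if v is None:
        return "unknown: could not parse version"
    if v >= FIXED:
        return "not affected: 4.92.2 or later"
    if v < AFFECTED_FIRST:
        return "listed as affected, footnote indicates pre-4.80 is not; update anyway"
    if tls_advertised(tls_advertise_hosts):
        return "VULNERABLE: affected version with TLS advertised; update to 4.92.2"
    return "affected version, TLS not advertised (mitigation only); update to 4.92.2"


if __name__ == "__main__":
    for name, banner in SAMPLE_BANNERS.items():
        print(f"{name:>13}: {assess(banner)}")
    print(f"{'mitigated':>13}: {assess(SAMPLE_BANNERS['vulnerable'], '')}")
```

On a real host, feed `assess()` the first line of `exim -bV` and the value printed by `exim -bP tls_advertise_hosts`; a build from the exim-4.92.2+fixes branch reports 4.92.2 and is classified as fixed, while 4.92.1+fixes is not.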