Navigation
Recherche
|
Multiple Exim security vulnerabilities disclosed
samedi 30 septembre 2023, 16:22 , par LWN.net
The 'Zero Day Initiative' site has posted a number of advisories (1, 2, 3, 4, 5, 6)
describing a number of flaws in the Exim mail server, some of which are exploitable remotely. These problems, allegedly, were first reported to the project in June 2022, well over one year ago. There is some disagreement over the timing of events, with Exim developer Heiko Schlittermann claiming that no actual information was received until last May, and an anonymous ZDI representative disputing that story. Either way, the vulnerabilities are now disclosed, but patches are not yet on offer; Schlittermann said that 'Fixes are available in a protected repository and are ready to be applied by the distribution maintainers', so hopefully that situation will change soon.
https://lwn.net/Articles/946004/
|
56 sources (32 en français)
Date Actuelle
ven. 3 mai - 02:30 CEST
|