20060 – exim security vulnerability CVE-2016-9963

Bug 20060 - exim security vulnerability CVE-2016-9963

Summary: exim security vulnerability CVE-2016-9963

Status:	RESOLVED INVALID

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:	Sec team

URL:	https://www.debian.org/security/2016/...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-01-02 17:46 CET by Zombie Ryushu
Modified:	2017-01-02 22:53 CET (History)
CC List:	0 users

See Also:
Source RPM:	exim
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Zombie Ryushu 2017-01-02 17:46:30 CET

Bjoern Jacke discovered that Exim, Debian's default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met.

Exim should be upgraded to 4.84.2

Comment 1 David Walser 2017-01-02 22:53:47 CET

We don't have exim packaged.

Status: NEW => RESOLVED
Resolution: (none) => INVALID

Note You need to log in before you can comment on or make changes to this bug.