[Buildroot] [PATCH] exim: security bump to version 4.86.2
Peter Korsgaard
peter at korsgaard.com
Thu Mar 3 14:07:52 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> Fixes:
> CVE-2016-1531 - All installations having Exim set-uid root and using
> 'perl_startup' are vulnerable to a local privilege escalation. Any user
> who can start an instance of Exim (and this is normally *any* user) can
> gain root privileges. If you do not use 'perl_startup' you *should* be
> safe.
We don't seem to have any perl support in our exim, but ok - Better safe
than sorry. Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list