Random Linux

Linux, video games and web hosting

Ubuntu has released a security notice for exim4 today. That affects these versions:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

This vulnerability is for an issue in exim where it could be made to run programs as an administrator. This was because Exim did not properly deallocate memory when processing certain command line arguments. Local attackers could use that along with other vulnerabilities that could possibly allow arbitrary code to be executed and could allow administrative privileges.

You will want to ensure that you update that package using the ‘apt-get upgrade exim4’ command or that it is updated to one of these packages:

Ubuntu 17.04:
exim4-daemon-heavy 4.88-5ubuntu1.1
exim4-daemon-light 4.88-5ubuntu1.1

Ubuntu 16.10:
exim4-daemon-heavy 4.87-3ubuntu1.2
exim4-daemon-light 4.87-3ubuntu1.2

Ubuntu 16.04 LTS:
exim4-daemon-heavy 4.86.2-2ubuntu2.2
exim4-daemon-light 4.86.2-2ubuntu2.2

Ubuntu 14.04 LTS:
exim4-daemon-heavy 4.82-3ubuntu2.3
exim4-daemon-light 4.82-3ubuntu2.3

More information on that can be found here as well:

Ubuntu Security Notice USN-3322-1

June 19th, 2017

Posted In: News

Tags: , ,

Leave a Comment