Exim 4.76 fixes a remote security hole
Exim 4.76 fixes a remote security hole
[Security] Posted May 8, 2011 14:49 UTC (Sun) by corbet
The Exim mail transfer agent suffers from a remotely exploitable format
string vulnerability; the 4.76 release contains a fix.
"CVE-2011-1764: a format string attack in logging DKIM information
from an inbound mail may permit anyone who can send you email to cause code
to be executed as the Exim run-time user. No exploit is known to exist,
but we do not believe that an experienced attacker would find the exploit
hard to construct.
" Debian has an update available; others are
certainly coming.