Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Fedora 23 Exim Update 2016: Critical Local Privilege Escalation Fix

fedora
Calendar Grey March 12, 2016
Dist Fedora Esm H88
Please obtain the most recent Exim security patch for Fedora 23, which resolves local privilege concerns associated with perl_startup.
This is new version fixing local privilege escalation for set-uid root when using perl_startup.

Summary

Exim is a message transfer agent (MTA) developed at the University of

Cambridge for use on Unix systems connected to the Internet. It is

freely available under the terms of the GNU General Public Licence. In

style it is similar to Smail 3, but its facilities are more

general. There is a great deal of flexibility in the way mail can be

routed, and there are extensive facilities for checking incoming

mail. Exim can be installed in place of sendmail, although the

configuration of exim is quite different to that of sendmail.

Update Information:

This is new version fixing local privilege escalation for set-uid root when using perl_startup.

Change Log

References


[ 1 ] Bug #1314293 - CVE-2016-1531 exim: local root privilege escalation for configurations with perl_startup https://bugzilla.redhat.com/show_bug.cgi?id=1314293

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update exim' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: exim
Product: Fedora 23
Version: 4.86.2
Release: 1.fc23
Summary: The exim mail transfer agent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.