Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 27 Oct 2012 01:39:33 +0400
From: Solar Designer <>
Cc: Phil Pennock <>
Subject: CVE-2012-5671: Exim <= 4.80 DKIM heap-based buffer overflow


Exim 4.80.1 was released earlier today to fix a remotely triggerable
heap-based buffer overflow vulnerability in DKIM support (enabled by
default).  Here's the announcement as posted to the exim-announce list
(including instructions on how DKIM support may be disabled, and
download links for Exim 4.80.1):

A few distro tracking/updates URLs:

Distro vendors had 1 day of advance notice, which some have made use of.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.