Bug 2241455 - Multiple security vulnerabilities in Exim: CVE-2023-42114, CVE 2023-42115, CVE-2023-42116
Summary: Multiple security vulnerabilities in Exim: CVE-2023-42114, CVE 2023-42115, ...
Keywords:
Status: CLOSED DUPLICATE of bug 2241538
Alias: None
Product: Fedora
Classification: Fedora
Component: exim
Version: rawhide
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Jaroslav Škarvada
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-09-30 04:19 UTC by Felix Schwarz
Modified: 2023-10-02 12:51 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2023-10-02 12:40:03 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Felix Schwarz 2023-09-30 04:19:35 UTC 
According to Exim upstream, there are multiple security issues in the current Exim code with fixes being available for distribution maintainers:

https://www.openwall.com/lists/oss-security/2023/09/29/5

Probably you are aware of the issue but just in case: Anything I can do to help getting the fixes out for Fedora+EPEL?

Reproducible: Always
Comment 1 Jaroslav Škarvada 2023-10-02 12:40:03 UTC 
I will handle it.

We have individual security trackers:
https://bugzilla.redhat.com/show_bug.cgi?id=2241538
https://bugzilla.redhat.com/show_bug.cgi?id=2241525
https://bugzilla.redhat.com/show_bug.cgi?id=2241528
https://bugzilla.redhat.com/show_bug.cgi?id=2241531
https://bugzilla.redhat.com/show_bug.cgi?id=2241535
https://bugzilla.redhat.com/show_bug.cgi?id=2241542

Thus I am closing this report and will handle it in the individual trackers.

*** This bug has been marked as a duplicate of bug 2241538 ***
Comment 2 Jaroslav Škarvada 2023-10-02 12:51:44 UTC 
I cannot handle https://bugzilla.redhat.com/show_bug.cgi?id=2241535, it's libspf2, but I will handle the rest.
Note You need to log in before you can comment on or make changes to this bug.