2241484 – Multiple security vulnerabilities in Exim: CVE-2023-42114, CVE 2023-42115, CVE-2023-42116

Bug 2241484 - Multiple security vulnerabilities in Exim: CVE-2023-42114, CVE 2023-42115, CVE-2023-42116

Summary: Multiple security vulnerabilities in Exim: CVE-2023-42114, CVE 2023-42115, CV...

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	exim
Sub Component:
Version:	epel7
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Assignee:	Jaroslav Škarvada
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-09-30 11:47 UTC by Ruben Püttmann
Modified:	2024-07-09 04:26 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2024-07-09 04:26:29 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Ruben Püttmann 2023-09-30 11:47:48 UTC

According to Exim upstream, there are multiple security issues in the current Exim code with fixes being available for distribution maintainers:

https://www.openwall.com/lists/oss-security/2023/09/29/5

Probably you are aware of the issue but just in case: Anything I can do to help getting the fixes out for Fedora+EPEL?

Reproducible: Always

Comment 1 Ruben Püttmann 2023-10-02 15:34:45 UTC

Additional informations:

https://www.exim.org/static/doc/security/CVE-2023-zdi.txt

Comment 2 Troy Dawson 2024-07-09 04:26:29 UTC

EPEL 7 entered end-of-life (EOL) status on 2024-06-30.\n\nEPEL 7 is no longer maintained, which means that it\nwill not receive any further security or bug fix updates.\n As a result we are closing this bug.

Note You need to log in before you can comment on or make changes to this bug.