epel-6 tracking bug for exim: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Adding parent bug CVE-2011-1764
New bodhi update url:
It seems like there was some mis-naming of CVEs when you included exim-4.72-0003-CVE-2011-1407.patch in:
* Wed May 18 2011 Mark Chappell <firstname.lastname@example.org> 4.72-2
It looks like, based on Ubuntu's CVE page, that the actual fix for CVE-2011-1407 is here:
and what you called CVE-2011-1407 actually fixed CVE-2011-1764.
Do you think you could apply the above patch to fix CVE-2011-1407, and that would resolve all outstanding exim flaws? Thanks!
Ping? This has not yet been resolved, but exim has been updated for a new flaw today, and CVE-2011-1407 is still unfixed.
Well, in case of no response from Mark, I can check it as a co-maintainer.
If you have the time to update that would be appreciated, I really have sucked at keeping up with this, work's been insane.
Mark, thanks for info, I will look on it.
Thank you both, very much, for this.
exim-4.72-4.el6 has been submitted as an update for Fedora EPEL 6.
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing exim-4.72-4.el6'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
exim-4.72-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.