
Security Updates

Filed under
Security
  • Security updates for Monday

    Security updates have been issued by CentOS (dovecot, kernel, and qemu-kvm), Debian (cimg, cups, e2fsprogs, exim4, file-roller, golang-1.11, httpie, and wpa), Fedora (curl, ghostscript, ibus, krb5, mod_md, and nbdkit), Mageia (chromium-browser-stable, libheif, and nghttp2), openSUSE (djvulibre, expat, libopenmpt, mosquitto, phpMyAdmin, and webkit2gtk3), Red Hat (nodejs:10), SUSE (gpg2), and Ubuntu (e2fsprogs and exim4).

  • Exim 4.92.3 security release

    Exim 4.92.3 has been released with a fix for CVE-2019-16928, a heap-based buffer overflow in string_vformat that could lead to remote code execution. "The currently known exploit uses an extraordinarily long EHLO string to crash the Exim process that is receiving the message. While at this mode of operation Exim already dropped its privileges, other paths to reach the vulnerable code may exist."

  • pam-python: local root escalation (CVE-2019-16729)

    Last week the openSUSE Security Team spent some time checking and reviewing the PAM module from the pam-python project, mainly to make sure that the project's source code is secure enough and, of course, free of bugs. Badly implemented PAM modules may cause user authentication to always succeed or otherwise badly affect security.

New Critical Exim Flaw Exposes Email Servers to Remote Attacks

  • New Critical Exim Flaw Exposes Email Servers to Remote Attacks — Patch Released

    A critical security vulnerability has been discovered and fixed in the popular open-source Exim email server software, which could allow a remote attacker to simply crash or potentially execute malicious code on targeted servers.
    Exim maintainers today released an urgent security update, Exim version 4.92.3, after publishing an early warning two days ago that gave system administrators a heads-up on the upcoming security patches, which affect all versions of the email server software from 4.92 up to and including the then-latest version, 4.92.2.
    Exim is a widely used, open source mail transfer agent (MTA) developed for Unix-like operating systems such as Linux, macOS or Solaris, which runs almost 60 percent of the Internet's email servers today for routing, delivering and receiving email messages.

Critical Exim Flaw Opens Servers to Remote Code Execution

  • Critical Exim Flaw Opens Servers to Remote Code Execution

    A patch has been issued for a critical flaw in the Exim email server software which could potentially open Exim-based servers up to denial of service or remote code execution attacks.

    Exim, which is free software used on Unix-like operating systems (including Linux and macOS), serves as a mail transfer agent that manages mail routing services for organizations. According to a Shodan analysis, Exim is the most used mail transfer agent globally, with over five million internet-facing hosts.

The Register's coverage

  • Stop us if you've heard this one before: Yet another critical flaw threatens Exim servers

    Admins of Linux and Unix boxes running Exim would be well-advised to update the software following the disclosure of another critical security flaw.

    The Exim 4.92.3 patch, released on September 28th, closes the CVE-2019-16928 flaw.

    Discovered by bug-hunters with the QAX A-Team, the vulnerability is a buffer overflow that occurs when Exim processes an extremely long string in an Extended HELO (EHLO) command, the greeting a client sends in Extended SMTP (ESMTP).

    In practice, an attacker could embed an exploit payload in the EHLO string and remotely trigger the bug to get control over the targeted server, although, as the Exim maintainers note, in the currently known crash path Exim has already dropped its privileges by the time the vulnerable code runs. So far, no active attacks on the flaw have been reported in the wild.

    "It's a simple coding error, not growing a string by enough," said Jeremy Harris, the Exim dev who patched the flaw in what he described as a simple "one-line fix."

Guess what? You should patch Exim again!

  • Guess what? You should patch Exim again!

    CVE-2019-16928 is a heap-based buffer overflow in string_vformat (string.c) and affects Exim versions 4.92 through 4.92.2 (but not 4.91 or earlier). It was discovered and reported by the QAX A-Team.

    “The flaw can be exploited by an unauthenticated remote attacker who could use a large crafted Extended HELO (EHLO) string to crash the Exim process that receives the message. This could potentially be further exploited to execute arbitrary code on the host,” Tenable researcher Scott Caveza pointed out.

    Exim maintainers say that the currently known exploit uses an extraordinarily long EHLO string to crash the Exim process that is receiving the message, but that other paths to reach the vulnerable code may exist.
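    The reports above all describe the same bug class: a printf-style formatter appending into a heap-backed growable string and, in Jeremy Harris's words, "not growing a string by enough" before copying a long "%s" argument such as an EHLO hostname. The following C program is an added illustration of that class, written for this page; it is not Exim's string_vformat, not the 4.92.3 patch, and the "grow by a fixed chunk" policy, the buffer sizes, the greeting text and the 4096-byte EHLO argument are all constructed assumptions. A real formatter would memcpy straight after growing and corrupt the heap; here a post-grow bounds check turns that write into an error return so the program is safe to run.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy growable string in the spirit of a heap-backed formatter buffer.
 * Added illustration only, not Exim's gstring or string_vformat code. */
typedef struct {
    char  *s;     /* heap buffer */
    size_t size;  /* bytes allocated */
    size_t ptr;   /* bytes used */
} gstring;

#define INITIAL_SIZE 64   /* assumption: small initial allocation */
#define GROW_CHUNK   64   /* assumption: fixed increment of the buggy policy */

static gstring *gstring_new(void) {
    gstring *g = malloc(sizeof *g);
    if (!g) return NULL;
    g->s = malloc(INITIAL_SIZE);
    if (!g->s) { free(g); return NULL; }
    g->size = INITIAL_SIZE;
    g->ptr = 0;
    return g;
}

static void gstring_free(gstring *g) {
    if (g) { free(g->s); free(g); }
}

/* Buggy policy (hypothetical): when out of room, grow by one fixed chunk
 * regardless of how many bytes the pending write actually needs. */
static int grow_by_chunk(gstring *g, size_t need) {
    if (g->ptr + need <= g->size) return 0;
    size_t newsize = g->size + GROW_CHUNK;
    char *p = realloc(g->s, newsize);
    if (!p) return -1;
    g->s = p;
    g->size = newsize;
    return 0;
}

/* Fixed policy: keep doubling until the whole pending write fits. */
static int grow_to_fit(gstring *g, size_t need) {
    if (g->ptr + need <= g->size) return 0;
    size_t newsize = g->size;
    while (g->ptr + need > newsize) newsize *= 2;
    char *p = realloc(g->s, newsize);
    if (!p) return -1;
    g->s = p;
    g->size = newsize;
    return 0;
}

/* Append len bytes using the given growth policy. The bounds check after
 * growing is the only thing standing between the buggy policy and a heap
 * overflow; it returns -2 where the overflow would have occurred. */
static int gstring_append(gstring *g, const char *src, size_t len,
                          int (*grow)(gstring *, size_t)) {
    if (grow(g, len) != 0) return -1;
    if (g->ptr + len > g->size) return -2;   /* would overflow here */
    memcpy(g->s + g->ptr, src, len);
    g->ptr += len;
    return 0;
}

/* Build "250-mail.example.org Hello <ehlo_arg>" the way a "%s" expansion
 * would. Returns the resulting length, -2 if the append would have
 * overflowed, or -1 on allocation failure. */
long format_ehlo_greeting(const char *ehlo_arg, int fixed) {
    int (*grow)(gstring *, size_t) = fixed ? grow_to_fit : grow_by_chunk;
    const char *prefix = "250-mail.example.org Hello ";   /* 27 bytes */
    gstring *g = gstring_new();
    if (!g) return -1;
    int rc = gstring_append(g, prefix, strlen(prefix), grow);
    if (rc == 0) rc = gstring_append(g, ehlo_arg, strlen(ehlo_arg), grow);
    long result = rc == 0 ? (long)g->ptr : rc;
    gstring_free(g);
    return result;
}

/* Constructed EHLO argument of ehlo_len 'A' bytes, formatted with the
 * chosen policy; frees its own buffer so callers only see the result. */
long run_long_ehlo(size_t ehlo_len, int fixed) {
    char *arg = malloc(ehlo_len + 1);
    if (!arg) return -1;
    memset(arg, 'A', ehlo_len);
    arg[ehlo_len] = '\0';
    long result = format_ehlo_greeting(arg, fixed);
    free(arg);
    return result;
}

int main(void) {
    printf("short EHLO, buggy policy:     %ld\n", format_ehlo_greeting("client.example.net", 0));
    printf("4096-byte EHLO, buggy policy: %ld\n", run_long_ehlo(4096, 0));
    printf("4096-byte EHLO, fixed policy: %ld\n", run_long_ehlo(4096, 1));
    return 0;
}
```

    The short greeting fits in the initial allocation under either policy, so the bug is invisible to ordinary clients. The 4096-byte argument is where the two policies diverge: the fixed-chunk grow leaves the buffer at 128 bytes while the copy needs 4123, which is the condition a real formatter would turn into a heap overflow; the grow-to-fit policy reaches 8192 bytes and completes the copy. The practitioner's takeaway matches the advisory: checking the "known" EHLO path is not enough, since any other caller that feeds long attacker-controlled data through the same formatter reaches the same growth logic.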

