interfasys
Verified User
Exim release 4.76 is now available from the primary ftp site:
* ftp://ftp.exim.org/pub/exim/exim4/exim-4.76.tar.gz
* ftp://ftp.exim.org/pub/exim/exim4/exim-4.76.tar.bz2
_________________________________________________________________
This is a SECURITY release: Exim versions 4.70 up to and including 4.75
contained a security hole (format string attack) permitting remote
execution of arbitrary code as the Exim run-time user. This is
CVE-2011-1764. There is also another, lesser security issue. Both lie
in the DKIM code and mitigation techniques are described below.
Note that as part of our work to improve Exim and protect against future
security issues, some changes were made to the code to pass gcc with
many more warnings enabled, and in some cases to compile with Clang.
Although feedback so far has been positive, there remains a chance that
these changes will cause compilation problems on lesser-tested
platforms; please raise any issues encountered on the exim-users
mailing-list.
* ftp://ftp.exim.org/pub/exim/exim4/exim-4.76.tar.gz
* ftp://ftp.exim.org/pub/exim/exim4/exim-4.76.tar.bz2
_________________________________________________________________
This is a SECURITY release: Exim versions 4.70 up to and including 4.75
contained a security hole (format string attack) permitting remote
execution of arbitrary code as the Exim run-time user. This is
CVE-2011-1764. There is also another, lesser security issue. Both lie
in the DKIM code and mitigation techniques are described below.
Note that as part of our work to improve Exim and protect against future
security issues, some changes were made to the code to pass gcc with
many more warnings enabled, and in some cases to compile with Clang.
Although feedback so far has been positive, there remains a chance that
these changes will cause compilation problems on lesser-tested
platforms; please raise any issues encountered on the exim-users
mailing-list.