Page 1 of 3 123 LastLast
Results 1 to 20 of 50

Thread: Exim 4.92

  1. #1
    Join Date
    Sep 2015
    Location
    Arnhem, NL
    Posts
    427

  2. #2
    Join Date
    May 2014
    Location
    Netherlands Germany
    Posts
    403
    HMM 4.92 or 4.93?
    options, and new features, see the NewStuff file next to this ChangeLog.


    Exim version 4.93
    -----------------

    JH/01 OpenSSL: With debug enabled output keying information sufficient, server
    side, to decode a TLS 1.3
    JH/05 DKIM: ensure that dkim_domain elements are lowercased before use.
    Also the key part???


    This document describes *changes* to previous versions, that might
    affect Exim's operation, with an unchanged configuration file. For new
    options, and new features, see the NewStuff file next to this ChangeLog.
    !!!!
    Last edited by ikkeben; 02-12-2019 at 05:19 AM.
    DUTCH GERMAN, GERMAN DUTCH

  3. #3
    Join Date
    Sep 2015
    Location
    Arnhem, NL
    Posts
    427
    See the exim website or GitHub releases page; 4.92 is the latest stable release. 4.93 is probably the next version.

  4. #4
    Join Date
    May 2014
    Location
    Netherlands Germany
    Posts
    403
    Quote Originally Posted by Erulezz View Post
    See the exim website or GitHub releases page; 4.92 is the latest stable release. 4.93 is probably the next version.
    HIHI this is from github changelog quoted from your link above
    https://github.com/Exim/exim/blob/ma...-txt/ChangeLog

    So yep next but maybe soon while in changelog there at master?
    Last edited by ikkeben; 02-12-2019 at 07:20 AM.
    DUTCH GERMAN, GERMAN DUTCH

  5. #5
    Join Date
    Apr 2009
    Posts
    2,247
    Here is the announcement: https://lists.exim.org/lurker/messag...42f00b.en.html - the announcement link to the changelog at: http://ftp.exim.org/pub/exim/exim4/ChangeLog

  6. #6
    Join Date
    Sep 2005
    Posts
    381
    Code:
    TLS error on connection from ... (SSL_accept): error:1412E0E2:SSL routines:ssl_parse_clienthello_tlsext:clienthello tlsext
    It doesn't seem to be entirely broken, in this case it's a third party app that may be doing something wrong, but it is a little worrying.

    edit:
    As it turns out, more apps are having problems sending e-mail through our DirectAdmin servers. I will try to do some more research.
    Last edited by ju5t; 02-16-2019 at 04:42 AM.

  7. #7
    Join Date
    Sep 2005
    Posts
    381
    We have decided to downgrade all of our servers to 4.91 until we know more about this issue.

  8. #8
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,719
    Just got this too... Oh why did I upgrade!

  9. #9
    Join Date
    Feb 2005
    Location
    Hong Kong
    Posts
    136
    It is a security update (CVE-2019-10149.txt), rated as critical in redhat.com

    All versions of Exim previous to version 4.92 are now obsolete. The last 3.x release was 3.36. It is obsolete and should not be used.Versions (between and including) 4.87 to 4.91 are vulnerable. See CVE-2019-10149.
    http://www.exim.org/static/doc/secur...2019-10149.txt
    https://access.redhat.com/security/cve/cve-2019-10149
    Last edited by ccto; 06-09-2019 at 01:38 AM.

  10. #10
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    13,138
    The vulnerability was patched with the release of Exim 4.92, on February 10, 2019, but at the time the Exim team released v4.92, they didn't know they fixed a major security hole.

    This was only recently discovered by the Qualys team while auditing older Exim versions. Now, Qualys researchers are warning Exim users to update to the 4.92 version to avoid having their servers taken over by attackers. Per the same June 2019 report on email server market share, only 4.34% of all Exim servers run the latest 4.92 release.

    https://www.zdnet.com/article/new-rc...email-servers/
    Regards, Alex G.

    - Get the best commercial DirectAdmin support and hire me on poralix.com
    - Follow and like @Poralix on Facebook

  11. #11
    Join Date
    Jul 2017
    Posts
    7
    But how to update?
    exim --version
    shows 4.90 version, vulnerable.
    Also, http://files.directadmin.com/services/es_7.0_64/ link shows only 4.89 version last.
    p.s.: I have centos 7.0 if it matters

  12. #12
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    7,543
    Code:
    cd /usr/local/directadmin/custombuild
    ./build update
    ./build set exim yes
    ./build exim
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  13. #13
    Join Date
    Mar 2005
    Posts
    5,276
    Was the previous problem resolved?
    Floyd Morrissette Little Creek Hosting
    Web Hosting Solutions. Virtual Private Servers
    DirectAdmin Administration and Support
    Our focus is on quality customer support

  14. #14
    Join Date
    Mar 2005
    Posts
    5,276
    I am getting:

    Trying to make exim...
    /bin/sh scripts/source_checks
    `Makefile' is up to date.

    make[1]: Entering directory `/usr/local/directadmin/custombuild/exim-4.92/build-Linux-i386'
    >>> version 4.92 #4

    >>> version 4.92 #5

    gcc -DMACRO_PREDEF macro_predef.c
    In file included from exim.h:482,
    from macro_predef.c:11:
    structs.h:757: error: 'NS_MAXMSG' undeclared here (not in a function)
    make[1]: *** [macro_predef.o] Error 1
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/exim-4.92/build-Linux-i386'
    make: *** [all] Error 2

    *** The make has failed, would you like to try to make again? (y,n):
    Floyd Morrissette Little Creek Hosting
    Web Hosting Solutions. Virtual Private Servers
    DirectAdmin Administration and Support
    Our focus is on quality customer support

  15. #15
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,719
    Just updated mine, I had to downgrade to .91 when .92 was released, as there were SSL errors as post #6 states. Was this resolved?

  16. #16
    Join Date
    Mar 2005
    Posts
    5,276
    I guess the forum is not as active as it used to be.

    I upgraded a server with a lot of users. I see some SSL errors but exactly the same as above. Nobody has complained yet.
    Floyd Morrissette Little Creek Hosting
    Web Hosting Solutions. Virtual Private Servers
    DirectAdmin Administration and Support
    Our focus is on quality customer support

  17. #17
    Join Date
    Feb 2005
    Posts
    235
    We are running Exim 4.92 on tens of servers without any issues. All of them run centos/cloudlinux.

  18. #18
    Join Date
    May 2008
    Posts
    823
    I don't have any issues on FreeBSD too.

  19. #19
    Join Date
    Feb 2008
    Posts
    133
    i have the same on some older servers

    --make[1]: Entering directory `/usr/local/directadmin/custombuild/exim-4.92/build-Linux-i386'
    >>> version 4.92 #4

    >>> version 4.92 #5

    gcc -DMACRO_PREDEF macro_predef.c
    In file included from exim.h:482,
    from macro_predef.c:11:
    structs.h:757: error: 'NS_MAXMSG' undeclared here (not in a function)
    make[1]: *** [macro_predef.o] Error 1
    make[1]: Leaving directory `/usr/local/directadmin/custombuild/exim-4.92/build-Linux-i386'
    make: *** [all] Error 2

    *** The make has failed, would you like to try to make again? (y,n):
    ---

    did anyone resolved this?

  20. #20
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,719
    Mine compiled fine......

    I have not had any tickets opened, so I'm guessing all is ok.

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •