Wednesday, May 5, 2021

Ubuntu Security Notice USN-4934-1

advisory arbitrary denial of service local vulnerabilities In: , , , , 
==========================================================================
Ubuntu Security Notice USN-4934-1
May 04, 2021

exim4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Exim.

Software Description:
- exim4: Exim is a mail transport agent

Details:

It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  exim4-base                      4.94-15ubuntu1.2
  exim4-daemon-heavy              4.94-15ubuntu1.2
  exim4-daemon-light              4.94-15ubuntu1.2

Ubuntu 20.10:
  exim4-base                      4.94-7ubuntu1.2
  exim4-daemon-heavy              4.94-7ubuntu1.2
  exim4-daemon-light              4.94-7ubuntu1.2

Ubuntu 20.04 LTS:
  exim4-base                      4.93-13ubuntu1.5
  exim4-daemon-heavy              4.93-13ubuntu1.5
  exim4-daemon-light              4.93-13ubuntu1.5

Ubuntu 18.04 LTS:
  exim4-base                      4.90.1-1ubuntu1.8
  exim4-daemon-heavy              4.90.1-1ubuntu1.8
  exim4-daemon-light              4.90.1-1ubuntu1.8

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4934-1
  CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010,
  CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014,
  CVE-2020-28015, CVE-2020-28016, CVE-2020-28017, CVE-2020-28018,
  CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022,
  CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026,
  CVE-2021-27216

Package Information:
  https://launchpad.net/ubuntu/+source/exim4/4.94-15ubuntu1.2
  https://launchpad.net/ubuntu/+source/exim4/4.94-7ubuntu1.2
  https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.5
  https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.8
 

Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore