Branch sisyphus update bulletin.

Package exim updated to version 4.82-alt1 for branch sisyphus in task 120265.

Published: 2012-10-31
Modified: 2017-08-29

CVE-2012-5671

Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.

Severity: MEDIUM (6.8)

References:

openSUSE-SU-2012:1404
[oss-security] 20121027 CVE-2012-5671: Exim <= 4.80 DKIM heap-based buffer overflow
86616
51098
DSA-2566
[exim-announce] 20121026 Exim 4.80.1 Security Release
USN-1618-1
56285
FEDORA-2012-16899
51153
FEDORA-2012-17044
51115
FEDORA-2012-17085
51155
exim-dkimeximquerydnstxt-bo(79615)

Package xdg-utils updated to version 1.1.0-alt10 for branch sisyphus in task 120266.

ошибка в open_generic()

Version: 2.1.0

Branch sisyphus update on 2014-05-25

ALT-BU-2014-2790-1

ALT-PU-2014-1684-1

Closed vulnerabilities

CVE-2012-5671

ALT-PU-2014-1685-1

Closed bugs

Bug #28728