Release Info

Advisory: CLSA-2022:1661173443

OS: Ubuntu 16.04 ELS

Public date: 2022-08-22 00:00:00

Project: exim

Version: 4.86.2-2ubuntu2.6+tuxcare.els2

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1661173443.html

Changelog

* SECURITY UPDATE: exim heap overflow in host_name_lookup() - debian/patches/CVE-2022-37452.patch: fix host_name_lookup - CVE-2022-37452 * SECURITY UPDATE: invalid free in pam_converse in auths/call_pam.c - debian/patches/CVE-2022-37451.patch: fix PAM auth - CVE-2022-37451

Update

Update command: apt-get update apt-get --only-upgrade install exim*

Packages list

exim4_4.86.2-2ubuntu2.6+tuxcare.els2_all.deb exim4-base_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb exim4-config_4.86.2-2ubuntu2.6+tuxcare.els2_all.deb exim4-daemon-heavy_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb exim4-daemon-light_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb exim4-dev_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb eximon4_4.86.2-2ubuntu2.6+tuxcare.els2_amd64.deb

CVEs

CVE-2022-37451
CVE-2022-37452