Bug 223870

Summary: mail/exim: remote code execution (CVE-2017-16943)
Product: Ports & Packages
Reporter: Gary <freebsd-bugzilla>
Component: Individual Port(s)
Assignee: Vsevolod Stakhov <vsevolod>
Status: Closed FIXED
Severity: Affects Many People
CC: freebsd-bugzilla, pi
Priority: ---
Flags: pi: maintainer-feedback+
Version: Latest
Hardware: Any
OS: Any

Comment 1 commit-hook freebsd_committer freebsd_triage 2017-11-27 07:56:15 UTC
A commit references this bug:

Author: vsevolod
Date: Mon Nov 27 07:55:18 UTC 2017
New revision: 454936
URL: https://svnweb.freebsd.org/changeset/ports/454936

Log:
  - Fix RCE vulnerability:

  The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89
  allows remote attackers to execute arbitrary code or cause a denial of service
  (use-after-free) via vectors involving BDAT commands.

  PR:		223870
  Submitted by:	Gary
  MFH:		2017Q4
  Security:	CVE-2017-16943

Changes:
  head/mail/exim/Makefile
  head/mail/exim/files/patch-CVE-2017-16943

Comment 2 commit-hook freebsd_committer freebsd_triage 2017-11-28 08:54:17 UTC
A commit references this bug:

Author: vsevolod
Date: Tue Nov 28 08:54:00 UTC 2017
New revision: 455024
URL: https://svnweb.freebsd.org/changeset/ports/455024

Log:
  MFH: r454936

  - Fix RCE vulnerability:

  The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89
  allows remote attackers to execute arbitrary code or cause a denial of service
  (use-after-free) via vectors involving BDAT commands.

  PR:		223870
  Submitted by:	Gary
  Security:	68b29058-d348-11e7-b9fe-c13eb7bcbf4f

  Approved by:	ports-secteam (swills)

Changes:
_U  branches/2017Q4/
  branches/2017Q4/mail/exim/Makefile
  branches/2017Q4/mail/exim/files/patch-CVE-2017-16943