Security update for exim SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0468-1 Final 1 1 2018-02-19T06:07:17Z current 2018-02-19T06:07:17Z 2018-02-19T06:07:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for exim This update for exim fixes the following issues: - CVE-2018-6789: Fixed a buffer overflow in the base64decode function, which could be used to execute code remotely. (boo#1079832) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00035.html E-Mail link for openSUSE-SU-2018:0468-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 exim-4.86.2-20.1 eximon-4.86.2-20.1 eximstats-html-4.86.2-20.1 exim-4.86.2-20.1 as a component of openSUSE Leap 42.3 eximon-4.86.2-20.1 as a component of openSUSE Leap 42.3 eximstats-html-4.86.2-20.1 as a component of openSUSE Leap 42.3 An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. CVE-2018-6789 openSUSE Leap 42.3:exim-4.86.2-20.1 openSUSE Leap 42.3:eximon-4.86.2-20.1 openSUSE Leap 42.3:eximstats-html-4.86.2-20.1 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00035.html https://www.suse.com/security/cve/CVE-2018-6789.html CVE-2018-6789 https://bugzilla.suse.com/1079832 SUSE Bug 1079832