Exim vulnerability update
-
cyclone200
- Posts: 27
- Joined: Wed Jan 03, 2018 5:57 pm
- Os: Debian 8x
- Web: apache + nginx
Exim vulnerability update
Hello,
I've just seen the announcement of the critical vulnerability (CVE-2019-10149) found on Exim mail server.
I would like to know how to update safely Exim on Vesta 0.9.8-24.
The exim4 packaged installed on my server is : 4.89-2+deb9u6.
Thank you for your help.
I've just seen the announcement of the critical vulnerability (CVE-2019-10149) found on Exim mail server.
I would like to know how to update safely Exim on Vesta 0.9.8-24.
The exim4 packaged installed on my server is : 4.89-2+deb9u6.
Thank you for your help.
-
grayfolk
- Support team
- Posts: 1111
- Joined: Tue Jul 30, 2013 10:18 pm
- Contact:
- Os: CentOS 6x
- Web: nginx + php-fpm
Re: Exim vulnerability update
Just read Exim documentation. This is not related to Vesta.cyclone200 wrote: ↑Sat Oct 12, 2019 8:05 pmHello,
I've just seen the announcement of the critical vulnerability (CVE-2019-10149) found on Exim mail server.
I would like to know how to update safely Exim on Vesta 0.9.8-24.
The exim4 packaged installed on my server is : 4.89-2+deb9u6.
Thank you for your help.
-
cyclone200
- Posts: 27
- Joined: Wed Jan 03, 2018 5:57 pm
- Os: Debian 8x
- Web: apache + nginx
Re: Exim vulnerability update
I did but it just says:
Is apt-get install exim4 enough to update the package and escape the vulnerability?21. Upgrading Exim
If you are already running Exim on your host, building and installing a new version automatically makes it available to MUAs, or any other programs that call the MTA directly. However, if you are running an Exim daemon, you do need to send it a HUP signal, to make it re-execute itself, and thereby pick up the new binary. You do not need to stop processing mail in order to install a new version of Exim. The install script does not modify an existing runtime configuration file.