网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

USN-6455-2: Exim regression

来源: ubuntu_security_notice · 发布时间 2026-06-10 20:22 (UTC+08:00) · 抓取时间 2026-06-10 22:35 (UTC+08:00)

原文链接

摘要

USN-6455-1 introduced a regression in Exim

正文

USN-6455-1 fixed vulnerabilities in Exim. The fix for CVE-2023-42117 introduced a regression on Ubuntu 22.04 LTS that resulted in certain connections logging a Taint mismatch error. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2023-42117) It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. (CVE-2023-42119)

标签

扩展字段

{
  "guid": "https://ubuntu.com/security/notices/USN-6455-2",
  "instructions": "In general, a standard system update will make all the necessary changes.\n",
  "raw_pub_date": "Wed, 10 Jun 2026 12:22:10 +0000",
  "references": [
    "https://launchpad.net/bugs/2152830"
  ],
  "release_packages": {
    "jammy": [
      {
        "description": "Exim is a mail transport agent",
        "is_source": true,
        "name": "exim4",
        "version": "4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": true,
        "name": "exim4",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": false,
        "name": "exim4-base",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": false,
        "name": "exim4-config",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": true,
        "name": "exim4-daemon-heavy",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": true,
        "name": "exim4-daemon-light",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": false,
        "name": "exim4-dev",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      },
      {
        "is_source": false,
        "is_visible": false,
        "name": "eximon4",
        "pocket": "security",
        "source_link": "https://launchpad.net/ubuntu/+source/exim4",
        "version": "4.95-4ubuntu2.10",
        "version_link": "https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.10"
      }
    ]
  },
  "releases": [
    {
      "codename": "jammy",
      "support_tag": "LTS",
      "version": "22.04"
    }
  ]
}