Registration

Create an account with us
and buy SSL certificates
for the lowest price on the web

My Account
You entered a wrong email
address or password
Forgot password?
Retrieve password
Your password recovery information
was sent to your email address.

Follow the instuctions from the message which you got on your email, in order to recover the password for your account.

Too many requests
were sent from your computer.

Please try again later.

REGISTRATION SUCCESSFUL

Thank you for registering with CyberSSL.com.

Registration
By creating an account,
you agree with our (Terms of Service)

Patch your mail server now! An EXIM vulnerability allows to run commands as root.


Patch your mail server now! An EXIM vulnerability allows to run commands as root.

There are more than 4 millions mail servers affected by the new vulnerability (CVE-2019-10149) RCE in Exim. Please make sure your mail server or your hosting provider uses the latest version of one of the most popular mail server EXIM. Affected versions are 4.87 - 4.91. Although, the newest version of EXIM 4.92 has been released on 10th of February 2019, most distributions of Linux still has an older version.

Most patches has already been released for all major distributions:

Please note that any older version of Debian (older then Jessie) has not received any security updated and you need to consider moving to the newest available Debian version.  There will not be any EXIM patches for CentOS/RHEL version 5.x or older.

  1. Debian Stretch has updated the package with the patched version of EXIM - 4.89-2+deb9u4. Date reported 5th of June 2019.
  2. Debian Jessie has received security updates as well. The version is 4.84.2-2+deb8u5
  3. Debian Buster and Sid already use the newest packages of Exim.
  4. CentOS 5-7 and RHEL 6/7 should upgrade to the newest package as well.
  5. Ubuntu 14.04 or Trusty Tahr has received patches with the following package - Exim 4.82-3ubuntu2.4
  6. For Ubuntu 16.04 LTS or Xenial Xerus Exim 4.86.2-2ubuntu2.3 is available
  7. For Ubuntu 17.10 the updated version of the package is 4.89-5ubuntu1.3
  8. Ubuntu 18.04 Bionic has received Exim 4.90.1-1ubuntu1

 

To update Debian or Ubuntu based distros please use the following commands

sudo apt-get update
sudo apt-get upgrade or sudo apt-get install exim4

After that please verify if the right package has been installed

dpkg --list |grep exim
debsecan | grep -i CVE-2018-6789

 

To enable the latest version 4.92

yum --enablerepo=epel=testing update exim
sudo yum update

 

For Fedora distributions please install the following package:

sudo dnf update

For CentOS or Rhel 6/7 you can upgrader the packages by running:

rpm -q --changelog exim | grep CVE-2018-6789
Related