========================================================================== Ubuntu Security Notice USN-4010-1 June 05, 2019 exim4 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS Summary: Exim could be made to run commands if it received specially crafted network traffic. Software Description: - exim4: Exim is a mail transport agent Details: It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: exim4-daemon-heavy 4.91-6ubuntu1.1 exim4-daemon-light 4.91-6ubuntu1.1 Ubuntu 18.04 LTS: exim4-daemon-heavy 4.90.1-1ubuntu1.2 exim4-daemon-light 4.90.1-1ubuntu1.2 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4010-1 CVE-2019-10149 Package Information: https://launchpad.net/ubuntu/+source/exim4/4.91-6ubuntu1.1 https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.2