On 28/01/15 04:47, Always Learning wrote:
Saw this on the Exim List:-
<SNIP>
I use Exim on C5 and C6 - should I be worried about Exim on C6 ?
upstream references: https://rhn.redhat.com/errata/RHSA-2015-0092.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235
Note that in the openwall.com URL you provided (http://www.openwall.com/lists/oss-security/2015/01/27/9 ) there is a simple program (in section 4 - Case Studies) to test whether a given machine's vulnerable.
I dunno what the EOL for C5 patches are, as I don't run it. But reading http://wiki.centos.org/HowTos/EOL it'd seem that there may be a patch for it at some stage, despite upstream not referencing their 5th edition in their notes.
Cheers,
Pete.