On 28/01/15 04:47, Always Learning wrote: > > Saw this on the Exim List:- > <SNIP> > > I use Exim on C5 and C6 - should I be worried about Exim on C6 ? > upstream references: https://rhn.redhat.com/errata/RHSA-2015-0092.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 Note that in the openwall.com URL you provided (http://www.openwall.com/lists/oss-security/2015/01/27/9 ) there is a simple program (in section 4 - Case Studies) to test whether a given machine's vulnerable. I dunno what the EOL for C5 patches are, as I don't run it. But reading http://wiki.centos.org/HowTos/EOL it'd seem that there may be a patch for it at some stage, despite upstream not referencing their 5th edition in their notes. Cheers, Pete.