Amazon Linux 1 (EOL) Security Advisory: ALAS-2024-1908
Advisory Released Date: 2024-01-22
Advisory Updated Date: 2024-01-23
Severity: Important
Issue Overview:
Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. (CVE-2023-51766)
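As a detection aid for the behaviour described in the Issue Overview, the following added example (not part of the advisory or of Exim) scans raw SMTP DATA bytes for a dot-only line whose line endings are not both <CR><LF>. It goes beyond the <LF>.<CR><LF> sequence named above to flag other bare-<LF> and bare-<CR> variants as well; the function names and the sample bytes are constructed for illustration.

```python
import re

# Added example (not from the advisory): flag dot-only lines in raw SMTP DATA
# bytes whose surrounding line endings are not both <CR><LF>.

# A line break (or start of data), a single ".", then a line break. The
# trailing break sits in a lookahead so it can also open the next match.
_DOT_LINE = re.compile(rb"(\r\n|\n|\r|\A)\.(?=(\r\n|\n|\r))")


def find_ambiguous_dot_lines(data: bytes):
    """Return (offset_of_dot, break_before, break_after) for every dot-only
    line that is not the standard <CR><LF>.<CR><LF> end-of-data marker."""
    findings = []
    for m in _DOT_LINE.finditer(data):
        before, after = m.group(1), m.group(2)
        # Standard form: CRLF (or start of data) before the dot, CRLF after.
        if before in (b"\r\n", b"") and after == b"\r\n":
            continue
        findings.append((m.start() + len(before), before, after))
    return findings


def is_advisory_sequence(finding) -> bool:
    """True for the exact <LF>.<CR><LF> form named in the Issue Overview."""
    _, before, after = finding
    return before == b"\n" and after == b"\r\n"


# Constructed sample: one bare-LF dot line in the body, then the standard
# CRLF-delimited end-of-data marker.
SAMPLE = b"Subject: test\r\n\r\nline one\n.\r\nline two\r\n.\r\n"

if __name__ == "__main__":
    for f in find_ambiguous_dot_lines(SAMPLE):
        label = "<LF>.<CR><LF>" if is_advisory_sequence(f) else "other non-CRLF variant"
        print(f"offset {f[0]}: {label} ({f[1]!r} . {f[2]!r})")
```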
Affected Packages:
exim
Issue Correction:
Run yum update exim to update your system.
New Packages:
i686:
exim-mysql-4.92-1.40.amzn1.i686
exim-pgsql-4.92-1.40.amzn1.i686
exim-greylist-4.92-1.40.amzn1.i686
exim-4.92-1.40.amzn1.i686
exim-mon-4.92-1.40.amzn1.i686
exim-debuginfo-4.92-1.40.amzn1.i686
src:
exim-4.92-1.40.amzn1.src
x86_64:
exim-mysql-4.92-1.40.amzn1.x86_64
exim-mon-4.92-1.40.amzn1.x86_64
exim-pgsql-4.92-1.40.amzn1.x86_64
exim-4.92-1.40.amzn1.x86_64
exim-debuginfo-4.92-1.40.amzn1.x86_64
exim-greylist-4.92-1.40.amzn1.x86_64