FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

exim -- DKIM private key leak

Affected packages
4.69 < exim < 4.87.1

Details

VuXML ID e7002b26-caaa-11e6-a76a-9f7324e5534e
Discovery 2016-12-15
Entry 2016-12-25

The Exim project reports:

Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTAL_DSN_INFO=yes is used, the key material is included in the bounce message.

References

CVE Name CVE-2016-9963
URL https://exim.org/static/doc/CVE-2016-9963.txt