Any risk with apttitude safe-upgrade mc-exim?

Problems/questions about updates/patches of MailCleaner

Moderators: FlorianB, Pascal, bourgeois, mentor

danielhansson
Posts: 7
Joined: Wed Aug 30, 2017 7:29 am
How did you hear about Mailcleaner: My company uses it

Any risk with apttitude safe-upgrade mc-exim?

Postby danielhansson » Fri Jan 19, 2018 9:20 am

Hi!

I like to keep my server updated and patched.

I noticed that the package manager would like to update a package called "mc-exim" and I just want to double check before I do anything stupid: is it safe to use the package manager to perform upgrades or what's the best practice here?
uncltom
Posts: 501
Joined: Tue Aug 26, 2008 3:01 am
How did you hear about Mailcleaner: I dont remember probably google?
Location: Spokane, WA

Re: Any risk with apttitude safe-upgrade mc-exim?

Postby uncltom » Sat Feb 10, 2018 10:13 pm

According to FlorianB it is safe to do the apt-get update /apt-get upgrade. As a matter of fact his e-mail about the processor vulnerabilities says that you should do it if you want to apply the latest patches outside of the regular cycle.
FlorianB
Posts: 268
Joined: Wed Apr 01, 2015 2:27 pm
How did you hear about Mailcleaner: job

Re: Any risk with apttitude safe-upgrade mc-exim?

Postby FlorianB » Mon Feb 12, 2018 12:08 pm

Hello,
Exact this should be safe.
But i have to precise this is a mail from the team after a management decision and not mine. I don't share the feeling about this decision as these patch will of course have consequencies about performances (the entire world products has, so why MailCleaner would not ?) and as i don't know what these consequences could be, i would have prefer to not update.
And yes i understand we re talking about big security updates but ask yourself how this could be exploited. Not from remote as there is no browser to execute js or anything. Probably not from local except if your server has already been compromised (and in this case this is the last of your problems :lol: ).
So is it worth it to risk a lost of performance for a resolution of one problem and only a mitigation of the second one on a server with no user account and only a root access for administrators ? Could it wait a real firmware resolution in some months with probably less impact ?
But taking a decision was necessary as a lot of our customers are not Linux expert and this newsletter has been sent and this was probably the thing to do for a global answer.
Regards,
Florian Billebault
MailCleaner Team

Return to “Updates”

Who is online

Users browsing this forum: No registered users and 2 guests