"Four days after a security hole was discovered in the free Exim
mail server, the developers of Debian and Red Hat have released
corrected versions for their Linux distributions. While the Exim
version provided by Red Hat blocks root access, Debian's new Exim
contains fixes for a memory flaw that allows code to be executed
with Exim user rights. However Debian's patched version does not
provide any protection against the hole that allows attackers to
get root rights."