[exim-dev] PCRE vulnerability

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MTony Finch at ->
Delete this message
Reply to this message
Author: Jakob Hirsch
Date:  
To: exim-dev
Subject: [exim-dev] PCRE vulnerability
http://www.securitytracker.com/alerts/2005/Aug/1014744.html

Exim 4.52 and snapshot 20050802 contains PCRE 6.0.

According to the alert, only "Applications that parse untrusted regular
expressions may be vulnerable." Exim does not do that by default, AFAIK,
but there may be a few setups allowing that, e.g. user specified filters
with regex.

So is Exim affected?


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Re: [exim] non-ascii in the envelopeRe: [exim-dev] PCRE vulnerability->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)