Re: [exim-dev] PCRE vunerability and Exim ?

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Michael Haardt
Ημερομηνία:  
Προς: exim-dev
Αντικείμενο: Re: [exim-dev] PCRE vunerability and Exim ?
> I suspect that within exim pcre does not parse user-supplied
> expressions, so this is not a major vunerability, but is anyone
> in a position to confirm this, or do we need to release an updated
> version of exim ?


Exim does parse user-supplied expressions in filters, but usually they
run with user privileges. I can imagine setups that are concerned by
this problem, but very few.

Michael