Re: [exim-dev] Security issues in exim4 local delivery

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MDan Rosenberg at <-
MNigel Metheringham at ->
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Dan Rosenberg
CC: pdp, Nigel Metheringham, exim-dev
Subject: Re: [exim-dev] Security issues in exim4 local delivery
On 2010-05-28 at 14:06 -0400, Dan Rosenberg wrote:
> Good to hear Exim may continue to be developed after all. What does
> this mean in regards to fixing these particular issues? Will you have
> time after this week to work on a fix? Should I bother waiting, or
> should I just release an advisory describing how to mitigate the
> issues with configuration changes and mention that a new release is
> pending? I'd rather public sooner than later, especially since the
> Bugzilla entries appear to be public - as in, the vulnerabilities
> themselves are technically public already.

Me myself: I'll have time to spend this weekend writing an alternative
fix for the second problem and if everyone's happy then we should be
able to bundle up a release for next week.

-Phil (not the original Phil who has been talked about in this thread)

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] Security issues in exim4 local deliveryRe: [exim-dev] Security issues in exim4 local delivery->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)