On 06/05/2011 13:23, Phil Pennock wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
> I have uploaded Exim 4.76 RC1 to:
> ftp://ftp.exim.org/pub/exim/exim4/test/
>
> I regret to inform you that 4.76 is a security-fix release, again. In
> this case, CVE-2011-1764: a format string attack in logging DKIM
> information from an inbound mail may permit anyone who can send you
> email to cause code to be executed as the Exim run-time user.
Hello, it is safe to disable DKIM processing by adding:
control = dkim_disable_verify
to an ACL?
