Re: [exim] DKIM signature where the identity field has a lea…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ted Cooper
Date:  
À: exim-users
CC: Tony Meyer
Sujet: Re: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystem
On 07/05/11 08:51, Tony Meyer wrote:
>> condition = ${if eqi{$sender_address_domain}{$dkim_cur_signer}}
>
> Unfortunately, this didn't fix the problem. I get the paniclog entry
> even using this ACL:


Is this at all related?
https://lists.exim.org/lurker/message/20110506.112357.e99a8db1.en.html

[exim] Exim 4.76 RC1 uploaded - SECURITY

CVE-2011-1764: a format string attack in logging DKIM
information from an inbound mail may permit anyone who can send you
email to cause code to be executed as the Exim run-time user.