Re: [exim] DKIM signature where the identity field has a lea…

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
M\de volledige draad-boom gesorteerd op datum
MMTed Cooper op <-
.MW B Hacker op ->
Delete this message
Reply to this message
Auteur: Phil Pennock
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystem
On 2011-05-07 at 09:08 +1000, Ted Cooper wrote:
> On 07/05/11 08:51, Tony Meyer wrote:
> >> condition = ${if eqi{$sender_address_domain}{$dkim_cur_signer}}
> >
> > Unfortunately, this didn't fix the problem. I get the paniclog entry
> > even using this ACL:
>
> Is this at all related?
> https://lists.exim.org/lurker/message/20110506.112357.e99a8db1.en.html
>
> [exim] Exim 4.76 RC1 uploaded - SECURITY
>
> CVE-2011-1764: a format string attack in logging DKIM
> information from an inbound mail may permit anyone who can send you
> email to cause code to be executed as the Exim run-time user.

No, I very much doubt it.

Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-Re: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystemRe: [exim] DKIM signature where the identity field has a leading slash attempts to touch the filesystem->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)