Re: [exim] CVE-2015-0235 - glibc gethostbyname remotelyexplo…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMViktor Dukhovni at <-
MRoman Rybalko at ->
Delete this message
Reply to this message
Author: Always Learning
Date:  
To: exim-users
Subject: Re: [exim] CVE-2015-0235 - glibc gethostbyname remotelyexploitable via exim

On Tue, 2015-01-27 at 19:20 +0000, Phil Pennock wrote:


> Jumping ship would be doing something for the sake of doing something,
> addressing only whichever API most recently happened to have a
> vulnerability; it does not address any systemic issues and there's
> no guarantee that it would actually help.

It is in PHP too. Have, temporarily, disabled verify = helo and the PHP
instances.

--
Regards, 

Paul.
England, EU.      Je suis Charlie.




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim[exim] Rate Limit in Exim 4.8->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)