Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MJeremy Harris at <-
MHeiko Schlittermann at ->
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable
Hi Jeremy,

Am 06.06.19 um 13:40 schrieb Jeremy Harris via Exim-users:
> exim -bV | grep -i support
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc OpenSSL
Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open

Does that "Event" mean, the code is in it or is it part of another string?

I really hoped for something like this for apache: (httpd -V)

...
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

but if rejecting addresses with "$" is all "for now", i have enough
informations until the exim upgrade is run throu. Thx.

best regards,
marius

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Incoming mails sometimes with no headers.Re: [exim] Incoming mails sometimes with no headers.->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)