Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable

Página Inicial
Delete this message
Reply to this message
Autor: Cyborg
Data:  
Para: exim-users
Assunto: Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable
Hi Jeremy,

Am 06.06.19 um 13:40 schrieb Jeremy Harris via Exim-users:
> exim -bV | grep -i support

Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc OpenSSL
Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open

Does that "Event" mean, the code is in it or is it part of another string?

I really hoped for something like this for apache: (httpd -V)

...
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

but if rejecting addresses with "$" is all "for now", i have enough
informations until the exim upgrade is run throu. Thx.

best regards,
marius