Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MHeiko Schlittermann at <-
MJasen Betts at ->
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] CVE-2019-10149: 4.87 to 4.91 are vulnerable
Russell King via Exim-users <exim-users@???> (Di 11 Jun 2019 16:08:28 CEST):
>
> As I stated in my original post, I've tried subsituting the " " with
> both + and %2b. I was using Firefox, I've also used elinks as well.
> Nothing works to get a commitdiff.
>
> >    https://git.exim.org/exim.git/shortlog/refs/heads/exim-4_91%2Bfixes

>
> That URL is not a problem - getting the shortlog is not a problem.
> Following any of the links from the shortlog _is_ a problem as my
> original post stated.

Hm. Starting with the link you describe here (using %2B) an can follow
many, if not all (didn't test *all*) links, shortlog -> commitdiff
works.

Using Chromium.
--
Heiko
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Auto-bcc certain outgoing mail?Re: [exim] just been hacked, could be CVE-2019-10149?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)