Re: [exim] CVE-2019-13917

Author: Russell King
To: exim-users
Subject: Re: [exim] CVE-2019-13917
On Thu, Jul 25, 2019 at 10:04:19AM +0100, Jeremy Harris via Exim-users wrote:
> If the effective configuration file for exim does not use sort
> then the system is trivially declarable as not being vulnerable.
> Use this command to check: "exim -bP config | grep sort".

The grep expression seems to be a bit over-zealous - it'll pick up
on, e.g., "remote_sort_domains" rather than just the sort expansion
operator. Or is "remote_sort_domains" also implicated?

If it's just the ${sort operator you're after, I think you want the
grep to be:

    grep '\${[[:space:]]*sort'


Russell King
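
Added example (not part of the original message): the two grep patterns from this thread run over a small constructed configuration, showing which lines each one selects. The sample lines and function names are assumptions made for illustration, and the example does not settle whether "remote_sort_domains" is implicated.

```shell
#!/bin/sh
# Pattern proposed in the message above: the ${sort expansion item,
# tolerating whitespace between "${" and "sort".
SORT_EXPANSION_RE='\${[[:space:]]*sort'

# Constructed stand-in for "exim -bP config" output (not from a real system).
# The line with a space after "${" is there only to exercise the
# [[:space:]]* part of the pattern.
sample_config() {
cat <<'EOF'
remote_sort_domains = *.example.org : *.example.net
acl_smtp_rcpt = acl_check_rcpt
warn set acl_m0 = ${sort{3:1:2}{<}{$item}}
warn set acl_m1 = ${ sort{b:a}{lti}{$item}}
EOF
}

# Broad check from the quoted advice: every line containing "sort".
count_broad() { grep -c 'sort'; }

# Narrow check: only lines using the ${sort expansion item.
count_sort_expansion() { grep -c "$SORT_EXPANSION_RE"; }

# Lines the broad check reports that the narrow check does not.
broad_only() { grep 'sort' | grep -v "$SORT_EXPANSION_RE"; }

# Exit status 0 if the configuration on stdin uses ${sort, 1 otherwise.
uses_sort_expansion() { grep -q "$SORT_EXPANSION_RE"; }

if [ "${1:-}" = "demo" ]; then
    echo "broad matches:  $(sample_config | count_broad)"
    echo "narrow matches: $(sample_config | count_sort_expansion)"
    echo "broad only:"
    sample_config | broad_only
fi
```

On a live host the same functions take the real configuration on stdin, for example `exim -bP config | uses_sort_expansion`.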