Am 06.09.19 um 13:14 schrieb Heiko Schlittermann via Exim-users:
> An Update to the mitigation for the current CVE:
>
> Add - as part of the mail ACL (the ACL referenced by the main config
> option "acl_smtp_mail"):
>
> deny condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}}
> deny condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_peerdn}}}}
>
> This should prevent the currently known attack vector.
>
If anyone wondered, why Fedora did not have updates ready, someone was
on vacation ;)
I just got word from Fedora, the exim update is now "urgent" :D
Best regards,
Marius
