Re: [exim] for europeans only: EU GDPR and mitigation of CV…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MHeiko Schlittermann at <-
MMarius Schwarz at ->
Delete this message
Reply to this message
Author: Jay Sekora
Date:  
To: Heiko Schlittermann
CC: exim-users
Subject: Re: [exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846
> Heiko Schlittermann <hs@???> (Fr 06 Sep 2019 22:40:19 CEST):
> > But nevertheless, your Exim is vulnerable. Unfortunnatly the ACL trick
> > doesn't work. You can do "binary patching".

Thank you; I did that and it seems to work (leaving the first occurrence
of "tls_sni" not preceded by a hyphen alone and garbling the second one,
in "-tls_sni %s").

> Alternativly, can't you build the package for your system on your own?

Yes! I didn't realize how trivial the patch was and didn't realize it
would apply cleanly to my old source. I haven't done that
yet but I will.

Thank you so much for all your help!

Jay


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846Re: [exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)