Re: [exim] for europeans only: EU GDPR and mitigation of CV…

Góra strony
Delete this message
Reply to this message
Autor: Jay Sekora
Data:  
Dla: Heiko Schlittermann
CC: exim-users
Temat: Re: [exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846
> Heiko Schlittermann <hs@???> (Fr 06 Sep 2019 22:40:19 CEST):
> > But nevertheless, your Exim is vulnerable. Unfortunnatly the ACL trick
> > doesn't work. You can do "binary patching".


Thank you; I did that and it seems to work (leaving the first occurrence
of "tls_sni" not preceded by a hyphen alone and garbling the second one,
in "-tls_sni %s").

> Alternativly, can't you build the package for your system on your own?


Yes! I didn't realize how trivial the patch was and didn't realize it
would apply cleanly to my old source. I haven't done that
yet but I will.

Thank you so much for all your help!

Jay