Re: [exim] for europeans only: EU GDPR and mitigation of CV…

Top Page

Reply to this message
Author: Marius Schwarz
To: Jay Sekora, Jay Sekora via Exim-users, Heiko Schlittermann
CC: exim-users
Subject: Re: [exim] for europeans only: EU GDPR and mitigation of CVE-2019-15846
sorry to interrupt, but in what way does the existence of the sni var reflect the internal problem the exploit is using???

@heiko: the var could be added later, after the sni feature had been introduced to exim. Therefor the problem could be older than the introduction date.

Am September 6, 2019 8:17:31 PM UTC schrieb Jay Sekora via Exim-users <exim-users@???>:
>> > failed to expand ACL string "${if
>eq{\\}{${substr{-1}{1}{$tls_in_sni}}}}": unknown variable name
>> According the the Git log, the $tls_in_sni variable should be
>> for >= 4.81. For <4.81 $tls_sni was the name.
>Thansk! I saw that, but this is 4.82, and I get the same error with
>$tls_sni .
>> Does "exim -be '$tls_in_sni'" complain too? And "exim -be
>$ exim -be '$tls_in_sni'
>Failed: unknown variable name "tls_in_sni"
>$ exim -be '$tls_sni'
>Failed: unknown variable name "tls_sni"
>$ exim -bV           
>Exim version 4.82 #2 built 10-Feb-2018 19:43:30
>Copyright (c) University of Cambridge, 1995 - 2013
>(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
>- 2013
>Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
>Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS
>move_frozen_messages Content_Scanning DKIM Old_Demime
>Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm
>dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
>Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
>Routers: accept dnslookup ipliteral iplookup manualroute queryprogram
>Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
>Fixed never_users: 0
>Size of off_t: 8
>Configuration file is /etc/exim4/exim4.conf

>## List details at
>## Exim details at
>## Please use the Wiki with this list -

Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.