On 06/06/2020 19:29, Jeremy Harris via Exim-users wrote:
> On 05/06/2020 20:02, Laura Williamson via Exim-users wrote:
>> dkim_selector = ${lookup sqlite {/usr/exim/dkimcertificates select
>> selector from dkimcerts where domain='$sender_address_domain'}{$value}}
>
> As I told Max, one of:
>
> - use the sqlite_dbfile main option
> - use separate tables within one sqlite db rather than multiple db files
> - ensure your sqlite lookup strings do not contain tainted data
> (look in the Concept Index for de-tainting methods)
> - move to a different db type
> - wait for the next release
>
To which I'll now add:
- If you are building from git, or from source that you can patch,
pick up
https://git.exim.org/exim.git/commit/b8514d1960e259d49ab2c84c89eba52ab993da3f
--
Cheers,
Jeremy
