Re: [exim] CVE-2022-37452

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Cyborg
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: Re: [exim] CVE-2022-37452
Am 24.08.22 um 18:14 schrieb Jeremy Harris via Exim-users:
> On 24/08/2022 16:45, Ken Olum via Exim-users wrote:
>> How serious is CVE-2022-37452: buffer overflow for the alias list in
>> host_name_lookup?
>
> The associated bug, 2747, reported it as a segfault in the receive
> process.


Besides the real impact here, if a CVE number has been assigned, and
it's reasonable to assume it's correct,
it should be mentioned in the security section, don't you agree?

Best regards,
Marius