Author: Cyborg Date: To: exim-users Subject: Re: [exim] CVE-2022-37452
Am 24.08.22 um 18:14 schrieb Jeremy Harris via Exim-users: > On 24/08/2022 16:45, Ken Olum via Exim-users wrote:
>> How serious is CVE-2022-37452: buffer overflow for the alias list in
>> host_name_lookup?
>
> The associated bug, 2747, reported it as a segfault in the receive
> process.
Besides the real impact here, if a CVE number has been assigned, and
it's reasonable to assume it's correct,
it should be mentioned in the security section, don't you agree?