[exim] Mitigation statement for CVE-2023-42119

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Johnnie W Adams
Dátum:  
Címzett: exim-users
Tárgy: [exim] Mitigation statement for CVE-2023-42119
Hi, folks,

     What I take from this mitigation statement--Use a trustworthy DNS
resolver which is able to validate the data according to the DNS record
types--is that if our DNS service is solid, we are not vulnerable. Is this
accurate, or am I oversimplifying things? The mitigation statement from ZDI
was much more ominous, but I'm still parsing "network-adjacent attackers".


Thanks,

John A

--
John Adams
Senior Linux/Middleware Administrator | Information Technology Services
+1-501-916-3010 | jxadams@??? | http://ualr.edu/itservices
*UA Little Rock*

Reminder: IT Services will never ask for your password over the phone or
in an email. Always be suspicious of requests for personal information that
come via email, even from known contacts. For more information or to
report suspicious email, visit IT Security
<http://ualr.edu/itservices/security/>.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/