Jeremy Harris wrote:
> On 03/10/2023 12:04, Paul Vinkenoog via Exim-users wrote:
> > BTW, none of my installations advertise the AUTH command to
> > anyone (and they refuse it when issued). Does that mean I'm
> > relatively safe?
>
> That covers CVE-2023-42114 & CVE-2023-42115 only.
That's right, that's why I wrote 'relatively' ;-)
Meanwhile, having read Aliz Hammond's article at labs.watchtowr.com,
it seems that I'm in the clear regarding all six CVE's.
Cheers,
Paul Vinkenoog
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
