[exim-dev] [Bug 3063] Partially vulnerable to "SMTP Smugglin…

Top Page
Delete this message
Reply to this message
Author: Exim Bugzilla
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 3063] New: Partially vulnerable to "SMTP Smuggling" if pipelining is enabled
Subject: [exim-dev] [Bug 3063] Partially vulnerable to "SMTP Smuggling" if pipelining is enabled and chunking is disabled/unused
https://bugs.exim.org/show_bug.cgi?id=3063

--- Comment #4 from Jeremy Harris <jgh146exb@???> ---
https://nvd.nist.gov/vuln/detail/CVE-2023-51766

git master: cf1376206284 & 5bb786d5ad56 address this.
5bb7 has a dependency on 4596719398f6 (which is only coding-style changes;
not strictly part of the fixes).

Interested parties capable of building from git are invited to do so;
these commits are not in a release package from the Exim project at this time.

--
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/