I'm currently testing the patch for CVE-2017-1000369 in Exim: https://git.exim.org/exim.git/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21
"To reach the start of the stack with the end of the heap (man brk), we permanently leak memory through multiple -p command-line arguments that are malloc()ated by Exim but never free()d (CVE-2017-1000369) -- we call such a malloc()ated chunk of heap memory a "memleak-chunk"." https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
signature.asc
Description: PGP signature
