https://bugs.exim.org/show_bug.cgi?id=1664
--- Comment #4 from Jeremy Harris <[email protected]> --- Untested as yet, but a commit addressing this has been made in the GnuTLS code (https://gitlab.com/gnutls/gnutls.git 1965e2c2f724 +branches). Unsafe versions are 3.4.3 & 3.3.16 . It seems best to disable Exim's use of OCSP for those (and earlier) runtime versions of the library, but I don't know what effect this will have on a distro which pulls in the GnuTLS patch without changing the GnuTLS version number. Presumably they'll be no worse off if they do that and do not pull in the Exim patch, nor any further Exim release prior to a new GnuTLS release. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
