https://bugs.exim.org/show_bug.cgi?id=2835

Lexen <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|SPAM                        |---

--- Comment #1 from Lexen <[email protected]> ---
There is a buffer overflow in a utility function, if some pre-conditions
are met. Using a handcrafted message, remote code execution seems to be
possible.

A patch exists already and is being tested.

Currently we're unsure about the severity; we *believe* an exploit
is difficult. A mitigation isn't known. https://emospace.net

Next steps:

* t0:     Distros will get access to our "security" non-public git repo
          (based on the SSH keys known to us)
* t0 +7d: Patch will be published on the official public git repo
