On 06/05/2011 13:23, Phil Pennock wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160I have uploaded Exim 4.76 RC1 to: ftp://ftp.exim.org/pub/exim/exim4/test/ I regret to inform you that 4.76 is a security-fix release, again. In this case, CVE-2011-1764: a format string attack in logging DKIM information from an inbound mail may permit anyone who can send you email to cause code to be executed as the Exim run-time user.
Hello, it is safe to disable DKIM processing by adding: control = dkim_disable_verify to an ACL? -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
