On 26.10.2012 11:35, Phil Pennock wrote:
Folks,
During internal code review on Wednesday, I uncovered a remote code
execution hole in Exim, affecting releases 4.70 to 4.80, in the DKIM
handling. This can be triggered by anyone who can send you email from a
domain for which they control the DNS, and gets them the Exim run-time
user.
Hi Phil,
If an existing exim instalation doesn't verify received DKIMs is it
still vulnerable ?
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
