On 20/12/2022 17:12, Andreas Metzler via Exim-users wrote:
Is there a security impact of the bug?
Nope. Logging only... and only if you've written your config to try and save an 8 kB (with the release size of log buffer) log message. I guess, if you have, an attacker could induce a lot of process terminations. Most systems won't have setuid-coredumps enabled, so little issue there. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
