CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2019/09/29 12:08:55
Modified files:
mail/exim : Makefile distinfo
Log message:
security update to exim-4.92.3; ok Renaud Allard (maintainer)
"There is a heap-based buffer overflow in string_vformat (string.c).
The currently known exploit uses a extraordinary long EHLO string to
crash the Exim process that is receiving the message. While at this
mode of operation Exim already dropped its privileges, other paths to
reach the vulnerable code may exist."
