Re: [exim] Spurious "BDAT command used when CHUNKING not advertised"?

2022-08-24 Thread Ian Kelling via Exim-users
Jesse Hathaway via Exim-users writes: > On Thu, May 12, 2022 at 5:30 PM Jeremy Harris wrote: >> With 4.96 you can set up speculative debug, using ACL. >> Anybody want to try getting a capture? > > Thanks to Jeremy's patch in 462e2cd306 we did not see these errors again > when running a

Re: [exim] CVE-2022-37452

2022-08-24 Thread Ken Olum via Exim-users
I found out about CVE-2022-37452 when I got this notice from Ubuntu security: https://ubuntu.com/security/notices/USN-5574-1 . It says "Exim could be made to execute arbitrary code", though in the details it says "possibly". Naturally this worried me, and I was alarmed that I hadn't heard of it

Re: [exim] CVE-2022-37452

2022-08-24 Thread Andrew C Aitchison via Exim-users
On Wed, 24 Aug 2022, Cyborg via Exim-users wrote: On 24.08.22 at 18:14, Jeremy Harris via Exim-users wrote: On 24/08/2022 16:45, Ken Olum via Exim-users wrote: How serious is CVE-2022-37452: buffer overflow for the alias list in host_name_lookup? The associated bug, 2747, reported it as a

Re: [exim] CVE-2022-37452

2022-08-24 Thread Jeremy Harris via Exim-users
On 24/08/2022 16:45, Ken Olum via Exim-users wrote: How serious is CVE-2022-37452: buffer overflow for the alias list in host_name_lookup? The associated bug, 2747, reported it as a segfault in the receive process. -- Cheers, Jeremy

Re: [exim] CVE-2022-37452

2022-08-24 Thread Cyborg via Exim-users
On 24.08.22 at 18:14, Jeremy Harris via Exim-users wrote: On 24/08/2022 16:45, Ken Olum via Exim-users wrote: How serious is CVE-2022-37452: buffer overflow for the alias list in host_name_lookup? The associated bug, 2747, reported it as a segfault in the receive process. Besides the real

[exim] CVE-2022-37452

2022-08-24 Thread Ken Olum via Exim-users
How serious is CVE-2022-37452: buffer overflow for the alias list in host_name_lookup? I was surprised not to see it discussed on exim-users or exim-announce, or listed in http://exim.org/static/doc/security/. I upgraded to 4.96 to be sure. Ken