Re: [exim] [oss-security] Exim CVE-2019-16928 RCE using a heap-based buffer overflow

2019-09-28 Thread Heiko Schlittermann via Exim-users
** Exim 4.92.3 released (security release) ** CVE ID: CVE-2019-16928 Date: 2019-09-27 (CVE assigned) Version(s): from 4.92 up to and including 4.92.2 Reporter: QAX-A-TEAM Reference: https://bugs.exim.org/show_bug.cgi?id=2449 Issue: Heap-based buffer overflow in string_vformat,

Re: [exim] SMTP error from remote mail server after pipelined MAIL

2019-09-28 Thread Niels Dettenbach via Exim-users
Am Samstag, 28. September 2019, 03:26:27 EDT schrieb Graeme Fowler via Exim- users: > On 28 Sep 2019, at 07:48, necktwi via Exim-users wrote: > > you made me to compramise my identity? does strace.log and exim.log even > > contain my private key? > No, he’s not “made” you do anything, he

Re: [exim] SMTP error from remote mail server after pipelined MAIL

2019-09-28 Thread Graeme Fowler via Exim-users
On 28 Sep 2019, at 07:48, necktwi via Exim-users wrote: > you made me to compramise my identity? does strace.log and exim.log even > contain my private key? No, he’s not “made” you do anything, he suggested some diagnostics be provided for the issue you’ve reported. Luckily for you the