Discussion:
[Pkg-exim4-users] Critical Exim Security Vulnerability: disable chunking
Tim Landscheidt
2017-11-25 14:15:00 UTC
Permalink
[…]
With immediate effect, please apply this workaround: if you are running
Exim 4.88 or newer (4.89 is current, 4.90 is upcoming) then in the main
[…]
Just to clarify: Exim < 4.88 (for example Debian Jessie) is
not affected?

Tim
Andreas Metzler
2017-11-26 07:11:58 UTC
Permalink
Post by Tim Landscheidt
[…]
With immediate effect, please apply this workaround: if you are running
Exim 4.88 or newer (4.89 is current, 4.90 is upcoming) then in the main
[…]
Just to clarify: Exim < 4.88 (for example Debian Jessie) is
not affected?
Afaik, yes. Both bugs are triggered by BDAT codepaths. BDAT/CHUNKING
support was only introduced in 4.88.

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
Loading...