[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: [LIH] (fwd) [SECURITY] [DSA-058-1] exim printf format attack
* Raju Mathur [linux-india] <11/06/01 08:30 +0530>:
> [Vendors have started releasing patched Exim packages. Please upgrade
> -- Raju]
No official patch from the exim people yet. And unfortunately 3.12 is old as
the hills (there are a lot of features that I use - and require - in the 3.2x
So best way is to run without header check syntax compiled in till Philip
Hazel gets back (he should be back today and I think an official patch will
be out within a while).
Right now, this bug is not critical - and doesnt affect you if you haven't
compiled your exim with header check syntax enabled.
I'd suggest "wait and watch" for a while. If you are using debian, then
fine, of course.
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin