On Sat, 30 Sep 2023, Randy Bush via Exim-users wrote:
https://seclists.org/oss-sec/2023/q3/254
i tried putting that in my exim config and it threw errors
:-) I am not surprised.
I've seen some second hand reports (eg on the mailop list,
which 1) has a closed archive, and 2) seems unreachable this evening)
that the vulnerabilities are in SPA (Microsoft, NTLM) authentication and
libspf2.
Since Exim 4.97 release candidates are out for testing, I am assuming
that the fixes so far will be included when that is released as soon as
possible. Asking Jeremy and Heiko to comment further may slow this
further.
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
