Ahoj, Dňa Sat, 26 Jul 2025 11:04:53 +0200 Andreas Metzler via Exim-users <[email protected]> napísal:
> | * An integer underflow was fixed in libspf2's repository in > response: | > https://github.com/shevek/libspf2/commit/d14abff4b544cfc53a8b5ef54cbc2353866b5081 > | However, it is neither clear whether this is practically > exploitable, | nor whether it is actually the bug ZDI found. At time of that CVE i was in contact with Debian's security team, their response was near the same and AFAIK that patch is still not included in Debian's package. And will not be included in upcoming trixie (13) release (as it is too late now). Anyway, for me the SPF (and DMARC) is checked/enforced by rspamd, not by exim. That issue only simplified my decision ;-) regards -- Slavko https://www.slavino.sk -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
