On Mon, Jun 19, 2017 at 07:05:10PM -0400, Leo Famulari wrote: > I'm currently testing the patch for CVE-2017-1000369 in Exim: > > https://git.exim.org/exim.git/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 > > "To reach the start of the stack with the end of the heap (man brk), we > permanently leak memory through multiple -p command-line arguments that > are malloc()ated by Exim but never free()d (CVE-2017-1000369) -- we call > such a malloc()ated chunk of heap memory a "memleak-chunk"." > > https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Pushed as 4dd8d280857607d1ee41ae03c62c5e629ad75c37.
signature.asc
Description: PGP signature
