> CVE-2018-19518[0]: > | University of Washington IMAP Toolkit 2007f on UNIX, as used in > | imap_open() in PHP and other products, launches an rsh command (by > | means of the imap_rimap function in c-client/imap4r1.c and the > | tcp_aopen function in osdep/unix/tcp_unix.c) without preventing > | argument injection,
I'm wondering if anyone would complain if I'd disable RSH (SSH) connections altogether. -- Magnus Holmgren Debian Developer
