On Wednesday 28 January 2015 13:25:20 i...@thargoid.co.uk wrote: > On 2015-01-28 12:27, Peter Viskup wrote: > > before considering downtimes and patching activities on production > > servers > > read these: > > > > https://www.debian.org/security/2015/dsa-3142 > > http://seclists.org/oss-sec/2015/q1/283 > > > > especially the second link mention network-facing software which is not > > vulnerable due to proper sanitization out of glibc. > > Indeed, however you will notice that the list on the second link does > not contain exim, the default SMTP server software for debian. This was > used for proof-of-concept code. > > http://seclists.org/oss-sec/2015/q1/274
So Wheezy users who use Exim are at risk? But it surely then follows that Wheezy users who do not use Exim, or even have it installed, are not at risk? Lisi -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/201501281427.18269.lisi.re...@gmail.com
