On Tue, 11 Jun 2019 at 17:24, Niels Dettenbach (Syndicat IT & Internet) via Exim-users <[email protected]> wrote:
> If i read right, the most major distributors (as exim maintainers too) > backported any patch or solution at least to the most used earlier versions > (still provided in their patches / sec updates - so the "90% of vulnerable" > may be way to high att. But 90% sound "more impressive"...ß). > > just my .02$ > > niels. > I can confirm that the patch was backported/applied to Ubuntu 18.04LTS. Their updated package for that distribution is called "Exim 4.90.1-1ubuntu1.2". However the greeting string Exim returns to a client on connection (which is where I think the stats will have been gathered from) is unchanged from before the patch. So yes, I suspect that 90% is on the high side, or more accurately should be described as servers needing/that needed the patch. Cheers, Mike B-) -- *My normal working days are Tuesdays, Wednesdays and Thursdays.* Systems Administrator working in Teaching & Learning IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
