Jeremy Harris wrote: > On 03/10/2023 12:04, Paul Vinkenoog via Exim-users wrote: > > BTW, none of my installations advertise the AUTH command to > > anyone (and they refuse it when issued). Does that mean I'm > > relatively safe? > > That covers CVE-2023-42114 & CVE-2023-42115 only.
That's right, that's why I wrote 'relatively' ;-) Meanwhile, having read Aliz Hammond's article at labs.watchtowr.com, it seems that I'm in the clear regarding all six CVE's. Cheers, Paul Vinkenoog -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
