Am 15.10.23 um 18:17 schrieb Heiko Schlittermann via Exim-users:
- The remaining issue with `libspf2`, raised as CVE against Exim, can't be addressed by us, as it seems to happen inside the library's code. Library fixes are available.
Hi,AFAIK that has already been adressed (at least for Fedora) in the libspf package:
* Mon Oct 02 2023 XXXXXXXXXXXXXXXX - 1.2.11-10.20210922git4915c308 - CVE-2023-42118
But i would image any distro will have it by now. Best regards, Marius
OpenPGP_0x048770A738345DD3.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
-- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
