cvs commit: ports/security/vuxml vuln.xml
Jacques A. Vidrine
nectar at FreeBSD.org
Thu May 6 10:28:38 PDT 2004
On Thu, May 06, 2004 at 07:07:02PM +0200, Oliver Eikemeier wrote:
> Neither do I know George. The advisory I refer to is
> <http://www.guninski.com/exim1.html>
Typo on my part. I meant Georgi, as in Georgi Guninski.
> I verified that what is called `bug2' affects FreeBSD when
> `verify = header_syntax' is used (which is not done in the default
> configuration file), `bug1' is mentioned as effecting exim 3.35, which
> is a stupid Debianism. Exim 3.36 is available since April 2002
> <http://www.exim.org/pipermail/exim-announce/2002q2/000057.html>
> in FreeBSD as mail/exim-old, is FORBIDDEN since September 2003 and
> has been removed from the ports tree March 2004. `verify = header_syntax'
> used to be `headers_check_syntax' in Exim 3.x, so obviously Georgi
> Guninski and the George writing the CVE list entries are Debian users.
Cool, thanks for confirming!
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the cvs-ports
mailing list