cvs commit: ports/security/vuxml vuln.xml
Jacques A. Vidrine
nectar at FreeBSD.org
Thu May 6 09:28:43 PDT 2004
On Thu, May 06, 2004 at 06:19:22PM +0200, Oliver Eikemeier wrote:
> Jacques A. Vidrine wrote:
>
> >On Thu, May 06, 2004 at 08:43:53AM -0700, Oliver Eikemeier wrote:
> >
> >>eik 2004/05/06 08:43:53 PDT
> >>
> >> FreeBSD ports repository
> >>
> >> Modified files:
> >> security/vuxml vuln.xml
> >> Log:
> >> exim buffer overflow when verify = header_syntax is used
> >>
> >> Revision Changes Path
> >> 1.90 +27 -0 ports/security/vuxml/vuln.xml
> >
> >Thanks!
> >Actually, there are two bugs: CAN-2004-0399 CAN-2004-0400
> >Were both of these fixed?
>
> I guess I have no access to the preliminary information
> CAN-2004-0399 contains, so I can't tell.
George's advisory included two bugs:
CAN-2004-0399: exim buffer overflows with sender address/host name
when sender_verify is enabled
CAN-2004-0400: exim buffer overflow with header name when
headers_check_syntax is enabled
Maybe only one of them affected the version of exim we have?
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the cvs-all
mailing list