We'd love to hear about it! Click here to go to the product suggestion community
Hi, this seems to be urgent to me as this is remote exploitable. Any update from Sophos for UTM regarding this? Thanks Joerg
In reply to EdmundSackbauer:
I am not claiming to be the wiser here, but try to search Google for "Exim version 4.82_1-5b7a7c0-XX", you will find a lot of appliances using this build, I have seen them with -<number> at the end also?
maybe i could learn something here :-)
Regardsless, the release notes for UTM, on have EXIM in it in the 9.508 release:
"Fix [NUTM-9252]: [Email] Patch Exim for CVE-2014-2972 and CVE-2016-9963"
So from this:
Then there should be som work in progress right?
None the less, i hope for a quick fix from Sophos, as apparently EXIM 4.82 is not backported for
In reply to twister5800:
In reply to FrancWest:
that's great news, thanks ;-)
We have released this KBA yesterday Exim CVE-2019-15846 and Sophos Products This vulnerability is not exploitable on any Sophos products, see the table below for more information.
* Despite this vulnerability not being exploitable due to the current architecture of the Sophos XG and Sophos UTM products, we do still plan on releasing a patch for Exim on these platforms in an upcoming Maintenance Release.I hope this clarifies any doubts you have.