This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EXIM RCE CVE-2019-15846 URGENT

Hi, this seems to be urgent to me as this is remote exploitable. Any update from Sophos for UTM regarding this? Thanks Joerg

 

https://seclists.org/oss-sec/2019/q3/192

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846

https://www.heise.de/security/meldung/Mailserver-Exim-CERT-Bund-kuendigt-Update-fuer-kritische-Schwachstelle-an-4514414.html

 



This thread was automatically locked due to age.
Parents Reply
  • twister5800 said:

    So when that article was written we should already have thr UTM patched to 4.92, but UTm TODAY is still 4.82, meaning more vulnerabilities :-)

     

     
    No, a version number says almost nothing if you dont know how its maintained. It is common to backport the fixes to older versions, as testing new releases is more expensive.
     So this is most likely a custom hardened version 4.82
     
Children