Thread Info
  • State Verified Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 2432 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exim - CVE-2020-12783 - is Sophos UTM affected?

StephanG

Hi,

i could not find anything here at the forums or the offical sophos page. 

https://bugs.exim.org/show_bug.cgi?id=2571

 

Best regards

Stephan



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Stephan & Florian,

    It will be quicker to open a case with Sophos Support.  Since the CVE was only assigned 4 weeks ago, I would be surprised if a fix already had been applied.

    I any case, I can't imagine this could present a problem unless you've configured the SMTP Proxy to do 'Authenticated Relay', a feature I recommend against using (Basic Exchange setup with SMTP Proxy).

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello Bob,

    The Exim version of our SG showed "Exim version 4.82_1-5b7a7c0-XX #2 built 20-Nov-2019 13:07:28".

    A colleague of mine did open a ticket with sophos now. Guess we will have to wait and see.

     

    Thanks,

    Florian

  • 0 in reply to Usersscareme

    The developers normally apply patches instead of going to the effort of integrating a new version.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Usersscareme

    The developers normally apply patches instead of going to the effort of integrating a new version.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML