This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EXIM Vuln. - any news?

Hi,

anyone at Sophos can comment on the EXIM vulns, for instance as described here? https://www.heise.de/news/Jetzt-patchen-Kritische-Root-Luecken-bedrohen-Exim-Mail-Server-6036724.html

Thanks

Joerg



This thread was automatically locked due to age.
Parents
  • Hi all, 

    We just released a 9.706-9 update on the download server as well, which patches these exim vulnerabilities for customers who already updated to 9.706-8. 

  • I was about to make a ticket after 9.706-8 was causing attachment corruption with email. Every attachment in or out was getting about 1.3% of the end of the file removed. I check a original and a corrupted file in a hex compare, it didn't scramble or corrupt the data structure, it just literally whacked the last bit off the data stream. here is an example of one of the test files https://i.imgur.com/MecVsxV.png . I'm posting here to say 9.706-9 fixed my issue. Ticket averted.

Reply
  • I was about to make a ticket after 9.706-8 was causing attachment corruption with email. Every attachment in or out was getting about 1.3% of the end of the file removed. I check a original and a corrupted file in a hex compare, it didn't scramble or corrupt the data structure, it just literally whacked the last bit off the data stream. here is an example of one of the test files https://i.imgur.com/MecVsxV.png . I'm posting here to say 9.706-9 fixed my issue. Ticket averted.

Children
No Data