Re: [SECURITY] [DSA-2154-1] exim4 security update

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA-2154-1] exim4 security update
From: Jordon Bedwell <jordon@envygeeks.com>
Date: Sun, 30 Jan 2011 09:01:59 -0600
Message-id: <[🔎] 4D457D67.7030008@envygeeks.com>
In-reply-to: <[🔎] 20110130141151.GH17847@dyn.kanojo.de>
References: <E1PjUjG-00024b-RF@chopin.debian.org> <[🔎] 20110130141151.GH17847@dyn.kanojo.de>

On 1/30/2011 8:11 AM, Dario Ernst wrote:

Hello,

as i was affected by the recent exim exploit i may be a bit paranoid
here, but i have general question on this update.

If i am not using -D or -C anywhere in my exim setup (e.g. using the
debian default initscripts and have not added any of those options in
/etc/default/exim4) and installed the update ... am i okay to go with
that?

Sorry for asking those stupid questions, but the instructions are a
little ambiguous there...

The only stupid question is a question not asked. And in theory yes youare correct that you should now be safe from any known threats involvingthat CVE.

Reply to:

References:
- Re: [SECURITY] [DSA-2154-1] exim4 security update
  - From: Dario Ernst <reply@nebuk.de>

Prev by Date: Re: [SECURITY] [DSA-2154-1] exim4 security update
Next by Date: Re: [SECURITY] [DSA-2154-1] exim4 security update
Previous by thread: Re: [SECURITY] [DSA-2154-1] exim4 security update
Next by thread: Re: [SECURITY] [DSA-2154-1] exim4 security update
Index(es):
- Date
- Thread