On 1/30/2011 8:11 AM, Dario Ernst wrote:
Hello, as i was affected by the recent exim exploit i may be a bit paranoid here, but i have general question on this update. If i am not using -D or -C anywhere in my exim setup (e.g. using the debian default initscripts and have not added any of those options in /etc/default/exim4) and installed the update ... am i okay to go with that? Sorry for asking those stupid questions, but the instructions are a little ambiguous there...
The only stupid question is a question not asked. And in theory yes you are correct that you should now be safe from any known threats involving that CVE.