Control: clone 946829 -1
Control: retitle -1 sa-exim: CVE-2019-19920
Control: tags -1 + security

Hi,

On Thu, Dec 19, 2019 at 09:06:13AM +0200, Henrik Krohns wrote:
> 
> Hello,
> 
> This was really a vulnerability which allowed running any perl code or
> commands (even as root), for anyone able to write .cf files/rules.

MITRE has assigned CVE-2019-19920 for this issue itself. As your patch
adresses both the vulnerability and the compatibility I'm still just
for distinction, I'm cloning this bug accordingly (but patch can close
then both bugs).

https://marc.info/?l=spamassassin-users&m=157668107325768&w=2
https://marc.info/?l=spamassassin-users&m=157668305026635&w=2

Regards,
Salvatore

Reply via email to