Control: clone 946829 -1 Control: retitle -1 sa-exim: CVE-2019-19920 Control: tags -1 + security
Hi, On Thu, Dec 19, 2019 at 09:06:13AM +0200, Henrik Krohns wrote: > > Hello, > > This was really a vulnerability which allowed running any perl code or > commands (even as root), for anyone able to write .cf files/rules. MITRE has assigned CVE-2019-19920 for this issue itself. As your patch adresses both the vulnerability and the compatibility I'm still just for distinction, I'm cloning this bug accordingly (but patch can close then both bugs). https://marc.info/?l=spamassassin-users&m=157668107325768&w=2 https://marc.info/?l=spamassassin-users&m=157668305026635&w=2 Regards, Salvatore
