Exim Suffers Another Critical Remote Code Execution Flaw

This could at the very least lead to a denial-of-service crash in the software but, more worryingly, it could also lead to remote code execution. Just two weeks later, the software's maintainers released a patch for a potentially troublesome bug identified as CVE-2019-16928, which was given the same critical rating. However, the flaw cannot be mitigated, so the patched version 4.92.3 should be applied as quickly as possible.

The known exploit uses an extraordinarily long EHLO string to crash the Exim process that is receiving the message. Fixing the bug was easy enough, Jeremy Harris, developer of Exim, wrote: it’s a straightforward coding error, not growing a string by enough. One-line fix.

It’s not as if there aren’t enough Exim mail transfer agents to target: Shodan estimates that around 3.5 million servers are running the vulnerable version, just over half of the email servers on the web. The “currently known exploit” refers to a proof of concept produced by QAX A-Team, which reported the flaw. The issue is described as affecting all versions of Exim from 4.92 to 4.92.2 inclusive: a heap-based buffer overflow in string_vformat (string.c). The flaw isn’t being targeted in the wild yet, but there is a risk that this will not last, since it seems relatively simple to exploit.

Keeping up

Earlier this year, Exim admins were told to hurry up and patch CVE-2018-6789, a February flaw that at least half a million servers had still not patched weeks ago. Exim has been in the wars lately. In addition to CVE-2019-16928 and CVE-2019-15846 this week, July saw another RCE in the form of CVE-2019-13917, which came just weeks after the remote command execution flaw CVE-2019-10149. All unpatched flaws are important but, given Exim's history of being targeted by attackers, these are perhaps more important than most: attacks aimed at CVE-2019-10149, for example, were reported within a week of the flaw becoming public knowledge.
