SECURITY: DMARC uses From header untrusted data - user/henk/code/exim.git

diff options

author	Todd Lyons <tlyons@exim.org>	2014-05-26 12:14:16 -0700
committer	Todd Lyons <tlyons@exim.org>	2014-05-26 12:14:16 -0700
commit	5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0 (patch)
tree	18486f503facc9bf41244f63ab08da5cfb684d44 /test/aux-fixed/5100.script.06
parent	69aca2feaca1ebbc55c6f1adaee4738dc328ae90 (diff)

SECURITY: DMARC uses From header untrusted dataexim-4_82_1

CVE-2014-2957 To find the sending domain, expand_string() was used to directly parse the contents of the From header. This passes untrusted data directly into an internal function. Convert to use standard internal parsing functions.

Diffstat (limited to 'test/aux-fixed/5100.script.06')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: