exim4 upload to stable (dovecot stability / and optionally spf quoting)
Andreas Metzler
ametzler at downhill.at.eu.org
Mon Jan 7 15:35:17 UTC 2013
On 2013-01-07 Philipp Kern <pkern at debian.org> wrote:
> On Sat, Jan 05, 2013 at 02:20:06PM +0100, Andreas Metzler wrote:
[...]
> > Due to insufficient quoting it is possible to pass on arbitrary
> > arguments to spfquery and therefore bypass SPF checks. The fix is not
> > invasive, but it changes dpkg conffiles.
[...]
> Just to be clear: The underquoting does not yield a situation where one
> can use shell escapes or similar? It's "just" about being able to bypass
> the SPF check by supplying crafted data?
Hello,
As exim's ${run ...} expansion does not use a shell and there is no
recursive expansion nothing dangerous should happen there. However I
just do not know (and cannot judge) whether spfquery handles broken
input that badly.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-exim4-maintainers
mailing list