公告ID: KYLIN-2019-13917
安全等级: 重要
产品: Kylin V3
发布日期: 2019年7月25日
CVE: CVE-2019-13917
CVSS3评分: 8.1
概述:
As per upstream, this exim security flaw only affects exim versions from 4.85 up to and including 4.92. Since Kylin Enterprise Linux 5 ships exim-4.63, it is not affected by this flaw. 描述:
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain). 系统版本:
KYLIN 3.0.x
受影响包列表:
exim