Tsis ntev los no, nyob rau lub caij ntuj sov thaum ntxov, muaj kev hu xov tooj rau Exim kom hloov kho rau version 4.92 vim yog CVE-2019-10149 qhov tsis zoo (Ceev hloov tshiab Exim rau 4.92 - muaj tus kab mob nquag / Sudo Null IT Xov Xwm). Thiab tsis ntev los no nws tau muab tawm tias Sustes malware txiav txim siab coj kom zoo dua ntawm qhov tsis zoo no.
Tam sim no txhua tus neeg uas hloov kho sai sai tuaj yeem "zoo siab" dua: Lub Xya Hli 21, 2019, tus kws tshawb fawb Zerons tau tshawb pom qhov teeb meem tseem ceeb hauv Exim Mail Transfer agent (MTA) thaum siv TLS rau versions ntawm 4.80 rau 4.92.1 suav nrog, tso cai rau tej thaj chaw deb ua code nrog cov cai muaj cai (CVE-2019-15846).
Txhawm rau kom tsis txhob muaj kev cuam tshuam ntawm qhov tsis zoo, nws yuav zoo dua los hloov kho rau lub version Exim Internet Mailer 4.92.2.
Yog tias nws tsis tuaj yeem hloov kho lossis nruab ib lub patched version, koj tuaj yeem teeb tsa ACL hauv Exim configuration rau qhov kev xaiv acl_smtp_mail nrog rau cov cai hauv qab no:
# to be prepended to your mail acl (the ACL referenced
# by the acl_smtp_mail main config option)
deny condition = ${if eq{}{${substr{-1}{1}{$tls_in_sni}}}}
deny condition = ${if eq{}{${substr{-1}{1}{$tls_in_peerdn}}}}