[3.9] exim: Remote command execution in deliver_message() function in /src/deliver.c (CVE-2019-10149)
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper
validation of recipient address in
deliver_message() function in /src/deliver.c may lead to remote command execution.
Fixed In Version:
(from redmine: issue id 10541, created on 2019-06-06, closed on 2019-06-12)
- Revision 65097c9c by Mike Sullivan on 2019-06-10T15:37:56Z:
community/exim: fix broken link with upgrade to 4.92 fixes #10541 (CVE-2019-10149) (cherry picked from commit a6e92b2adbed5e2905258a37f8b1980700612929)