git://git.exim.org / exim.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d8c9f31) | patch
Suggestion from Qalys:
authorJeremy Harris <jgh146exb@wizmail.org>
Fri, 7 May 2021 12:09:12 +0000 (13:09 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Sun, 27 Jun 2021 23:30:02 +0000 (00:30 +0100)
commit3109898a5e815a04f505c73b67493ef15d9f0665
tree9d5831515d796dd84f45203e49be7539a9489a0dtree | snapshot
parentd8c9f31a3ec7a424ac9465604c397f1882b05567commit | diff
Suggestion from Qalys:

If I may add one more thing, there is an issue that should be addressed
sooner rather than later: the writable configuration at the beginning of
the heap. A short-term (and hopefully non-intrusive) solution may be to
mmap() the configuration instead, and then mprotect(PROT_READ) it. This
would mitigate the exploitation technique that almost all Exim exploits
have been using.
Master Exim source repository