git://git.exim.org
/
exim-website.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
chg: add note about CVE-2021-38371 about not being a problem
[exim-website.git]
/
templates
/
static
/
doc
/
security
/
CVE-2021-38371.txt
diff --git
a/templates/static/doc/security/CVE-2021-38371.txt
b/templates/static/doc/security/CVE-2021-38371.txt
index dfb748ba9004ee573690f6c2d223a32b4b8d8dec..f24609a22022e366807be193aa534e236d0a5c5b 100644
(file)
--- a/
templates/static/doc/security/CVE-2021-38371.txt
+++ b/
templates/static/doc/security/CVE-2021-38371.txt
@@
-5,6
+5,9
@@
Reporter: Damian Poddebniak, Fabian Ising, Hanno Böck, and Sebastian Schinzel
Reference: https://nostarttls.secvuln.info/
Issue: Possible MitM attack on STARTTLS when Exim is *sending* email.
Reference: https://nostarttls.secvuln.info/
Issue: Possible MitM attack on STARTTLS when Exim is *sending* email.
+** The Exim developers do not consider this issue as a security problem.
+** Additionally, we do not have any feedback about a successful attack
+** using the scenario described below.
Conditions to be vulnerable
===========================
Conditions to be vulnerable
===========================