CVE-2019-13917 log

Severity Critical
Remote Yes
Type Arbitrary code execution
Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
Group Package Affected Fixed Severity Status Ticket
AVG-1011 exim 4.92-1 4.92.1-1 Critical Fixed
Date Advisory Group Package Severity Type
05 Aug 2019 ASA-201908-4 AVG-1011 exim Critical arbitrary code execution