FreeBSD: VID-3e0da406-aece-11e9-8d41-97657151f8c2 (CVE-2019-13917): Exim -- RCE in ${sort} expansion
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jul 25, 2019 | Jul 27, 2019 | Dec 10, 2025 |
Description
Exim team report: A local or remote attacker can execute programs with root privileges - if you've an unusual configuration. If your configuration uses the ${sort } expansion for items that can be controlled by an attacker (e.g. $local_part, $domain). The default config, as shipped by the Exim developers, does not contain ${sort }. The vulnerability is exploitable either remotely or locally and could be used to execute other programs with root privilege. The ${sort } expansion re-evaluates its items. Exim 4.92.1 is not vulnerable.
Solution
freebsd-upgrade-package-exim
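
The exposure condition in the description (a `${sort }` item fed by values such as `$local_part` or `$domain`) can be checked against a configuration file. The Python audit below is an added example, not code from Exim or the FreeBSD advisory; the function names, the constructed sample config, and the simplified handling of comments and backslash continuations are assumptions.

```python
import re
TAINTED = ("local_part", "domain")  # examples named in the advisory; extend as needed

# Constructed sample config (not from a real deployment).
SAMPLE = r"""
# ${sort {$local_part}{<}{$item}} in a comment is ignored
domainlist local_domains = example.org
LIST = ${sort {3:1:2}{<}{$item}}
data = ${sort {${lookup{$local_part}\
         lsearch{/etc/aliases}}}{<}{$item}}
"""

def logical_lines(text):
    """Yield (first_line_no, text); continuations folded, comment lines skipped."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#"):
            continue
        start = start or no
        buf += line[:-1] if line.endswith("\\") else line
        if not line.endswith("\\"):
            if buf:
                yield start, buf
            buf, start = "", None
    if buf:
        yield start, buf

def sort_items(line):
    """Return each complete ${sort ...} item, found by brace matching."""
    found = []
    for m in re.finditer(r"\$\{sort\b", line):
        depth = 0
        for i in range(m.start() + 1, len(line)):
            depth += {"{": 1, "}": -1}.get(line[i], 0)
            if depth == 0:
                found.append(line[m.start():i + 1])
                break
    return found

def audit(text, tainted=TAINTED):
    """Return (line_no, item) for ${sort} items that reference a tainted variable."""
    var = re.compile(r"\$\{?(?:%s)\b" % "|".join(map(re.escape, tainted)))
    return [(no, item) for no, line in logical_lines(text)
            for item in sort_items(line) if var.search(item)]

if __name__ == "__main__":
    for no, item in audit(SAMPLE):
        print(f"line {no}: review {item}")
```

A hit marks an item for manual review. The check does not follow macros or variables assigned elsewhere, so an empty result is not proof that the configuration is unaffected.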