-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 27 Mar 2025 17:04:05 +0100
Source: exim4
Architecture: source
Version: 4.98.1-2~bpo12+1
Distribution: bookworm-backports
Urgency: high
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 1092910
Changes:
 exim4 (4.98.1-2~bpo12+1) bookworm-backports; urgency=medium
 .
   * Rebuild for bookworm-backports.
 .
 exim4 (4.98.1-2) unstable; urgency=high
 .
   * Fix use-after-free (requiring local command-line access) notified by
     Trend Micro (ref: ZDI-CAN-26250). this is 4.98.2 without the version
     number bump. CVE-2025-30232
 .
 exim4 (4.98.1-1) unstable; urgency=medium
 .
   * Refresh upstream keys from
     https://downloads.exim.org/Exim-Maintainers-Keyring.asc
   * New upstream version (Basically identical to 4.98 +
     81_Squashed-from-fix-cve-2025-26794-fixes-CVE-26794.patch)
 .
 exim4 (4.98-4) unstable; urgency=high
 .
   * Cherry-pick patches from upstream git master:
     + 79_Dovecot-fix-protocol-sequence-for-version-2.4.0.patch
       (Compliance with upcoming dovecot v1.3 auth protocol)
   * Use default 550 message in lowuid_aliases router ("Unrouteable address"
     instead of "no mail to system accounts") to avoid disclosing
     information on installed packages. Closes: #1092910
   * 81_Squashed-from-fix-cve-2025-26794-fixes-CVE-26794.patch: Upgrade to
     4.98.1, fixing CVE-2025-26794. This is a SQL injection for the
     (Sqlite-)hints database with ETRN. Debian binaries do not yet use
     sqlite for the hints DB so this just only affects users building their
     own binaries from sources and switching to sqlite-hints-DB.
Checksums-Sha1:
 e42e243b0426766340a1505e85bdad8e8958672e 2930 exim4_4.98.1-2~bpo12+1.dsc
 a5a2a3e163d62b07af58e9127bbbe29d71be6a4d 1928540 exim4_4.98.1.orig.tar.xz
 7abf052ad818f0f455d66d6384a2decf579bbd6c 833 exim4_4.98.1.orig.tar.xz.asc
 cd524f2d6bce5d99313404defba4846c0125853e 486212 exim4_4.98.1-2~bpo12+1.debian.tar.xz
Checksums-Sha256:
 c573fa5c5ab4496250b4fbd44edeb99d0a205b190bd4b94599a7eeeb4aaaeded 2930 exim4_4.98.1-2~bpo12+1.dsc
 d858b75ad2cc6bf71c9071ba26a55b3ea9add26607bd832df3cb54f82221c2ce 1928540 exim4_4.98.1.orig.tar.xz
 31f21c26e2b20fa8270fd3ebe8772ab78c0d6d828f40e29ee1eae48bbd13c067 833 exim4_4.98.1.orig.tar.xz.asc
 3526a0abdfc9d642168bd1ac931b99a3d0b13cb16ebdf72ec0dfebb80ec94fb4 486212 exim4_4.98.1-2~bpo12+1.debian.tar.xz
Files:
 1b04c2d88d8491c5a7017e9ada981df3 2930 mail standard exim4_4.98.1-2~bpo12+1.dsc
 7465a700b17ce3c01d59d7e0d59be5a1 1928540 mail standard exim4_4.98.1.orig.tar.xz
 1b33dcac1952a381702de617735258eb 833 mail standard exim4_4.98.1.orig.tar.xz.asc
 54e6c0a8e1ee41d88430e5c8c22a6749 486212 mail standard exim4_4.98.1-2~bpo12+1.debian.tar.xz