UbuntuUpdates.org

Package "exim4"

Name: exim4

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • monitor application for the Exim MTA (v4) (X11 interface)

Latest version: 4.96-14ubuntu1.3
Release: lunar (23.04)
Level: updates
Repository: universe

Links



Other versions of "exim4" in Lunar

Repository Area Version
base main 4.96-14ubuntu1
base universe 4.96-14ubuntu1
security main 4.96-14ubuntu1.3
security universe 4.96-14ubuntu1.3
updates main 4.96-14ubuntu1.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.96-14ubuntu1.3 2023-10-27 01:10:02 UTC

  exim4 (4.96-14ubuntu1.3) lunar-security; urgency=medium

  * SECURITY UPDATE: remote code execution
    - debian/patches/CVE-2023-42117.patch: fixed string_is_ip_address()
      in string.c
    - CVE-2023-42117
  * SECURITY UPDATE: information disclosure
    - debian/patches/CVE-2023-42119.patch: hardened dnsdb.c against
      crafted DNS responses.
    - CVE-2023-42119

 -- Allen Huang <email address hidden> Wed, 25 Oct 2023 01:34:55 +0100

Source diff to previous version
CVE-2023-42117 Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability
CVE-2023-42119 Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability

Version: 4.96-14ubuntu1.2 2023-10-04 16:10:20 UTC

  exim4 (4.96-14ubuntu1.2) lunar-security; urgency=medium

  * SECURITY UPDATE: information disclosure
    - debian/patches/CVE-2023-42114.patch: fix possible OOB read in
      SPA authenticator
    - CVE-2023-42114
  * SECURITY UPDATE: remote code execution
    - debian/patches/CVE-2023-42115.patch: fix possible OOB write in
      external authenticator
    - CVE-2023-42115
  * SECURITY UPDATE: remote code execution
    - debian/patches/CVE-2023-42116.patch: fix possible OOB write in
      SPA authenticator
    - CVE-2023-42116
  * debian/patches/CVE-2023-42114_15_16.patch:
    - use uschar more in spa authenticator

 -- Allen Huang <email address hidden> Mon, 02 Oct 2023 16:53:24 +0100

Source diff to previous version
CVE-2023-42114 Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2023-42115 Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2023-42116 Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability

Version: 4.96-14ubuntu1.1 2023-07-10 12:06:54 UTC

  exim4 (4.96-14ubuntu1.1) lunar; urgency=medium

  * d/p/fix-run--arg-parsing.patch: Fix argument parsing for ${run }
    expansion. Previously, when an argument included a close-brace
    character (e.g. it itself used an expansion) an error occurred.
    (LP: #1998678)

 -- Bryce Harrington <email address hidden> Fri, 10 Feb 2023 00:17:40 -0800

1998678 SPF check fails in exim4 with \



About   -   Send Feedback to @ubuntu_updates