-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5512-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 02, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : exim4 CVE ID : CVE-2023-42114 CVE-2023-42115 CVE-2023-42116 Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticators are used. For the oldstable distribution (bullseye), these problems have been fixed in version 4.94.2-7+deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 4.96-15+deb12u2. We recommend that you upgrade your exim4 packages. For the detailed security status of exim4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/exim4 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUa1ApfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TGThAAlhXEHvEOP7MfFaNN2Nh6Dl6wtFkPjYKB7wljZajtIkmk7IgsxREOMDC+ In+344UwfMJyZB49uvO15EV1dcHwUlOAIaDrFMN4SyMVWP+OllFEDMnexQ0+UyuP m0AGMdvokXQq+5tgaRjP7ThOVM0z3+hbPzRr4tQi2tjB/0k1/p9vC4aDJuuf1i8M iVDvtF4s38zlB1f6oCezulgb+wd53VGjL6vk8nzCxWe6RNtpsxzZGdRnA30tDGaB PvdMSbDEcx85U7DViAtXzVvJe+1IdSTBxu8rrUqR9Md1V1zLf8PPyblENwZlc/zJ 9ad+EuQnYwsiYUnE72pFYO1mR0b8aE7W8V1t96ijOr323oCN2aWI4HWiteEHcGt8 UlE9CT1OG+c5caf7s0L984wEigJxYzc9gTtjX1Y5kh2CAjmvjxPO3v+jRQkPqP9i /x/ax0IvXXeffEUtru1qFscXsgsNru53yRHoGGCo1vwNNwBLuNyD48yFukNFc8rx KK+fjJrCOeSuM21k97T86k9B6sA26IFz/eQJtPXrSC6lzyU75RBWmbPrjEsnqv7G sGUtz1RLLqELhorv+u2SChWsxHMd5rOsZ46bDGoIe+SW7A568blD5P/fv36HYPPX PjFRU7XLS7SUE08cxMUkLHJWMJ/fwIIyEtjoL26oW7r60ITaljg= =+Ajg -----END PGP SIGNATURE-----