[SECURITY] [DLA 2650-1] exim4 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2650-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
May 05, 2021 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : exim4
Version : 4.89-2+deb9u8
CVE ID : CVE-2020-28007 CVE-2020-28008 CVE-2020-28009
CVE-2020-28011 CVE-2020-28012 CVE-2020-28013
CVE-2020-28014 CVE-2020-28015 CVE-2020-28017
CVE-2020-28019 CVE-2020-28020 CVE-2020-28021
CVE-2020-28022 CVE-2020-28023 CVE-2020-28024
CVE-2020-28025 CVE-2020-28026
The Qualys Research Labs reported several vulnerabilities in Exim, a mail
transport agent, which could result in local privilege escalation and
remote code execution.
Details can be found in the Qualys advisory at
https://www.qualys.com/2021/05/04/21nails/21nails.txt
For Debian 9 stretch, these problems have been fixed in version
4.89-2+deb9u8.
We recommend that you upgrade your exim4 packages.
For the detailed security status of exim4 please refer to its security
tracker page at: https://security-tracker.debian.org/tracker/exim4
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmCSdaRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdbjxAAs2u8DRFpTKQRB/RnUbobesrZUchr2FH96gJNUWLqQBvFdRs2fa5ub5MS
G+fQxtTRvFdAADwtl5792m3TVsjcQW6P3uqa1CWgqqP3NMPhHPaOMy3pdSnKOA08
k17M//FQIhwpPlr1kK6MEn29vVpHH/1zR6EHfA1pJgYRTCRjLEuRc+fsTE7d0NjG
I3wbMbv/tGlDo80Od5B22wfqP8i8M33ZX8lQAoQc+GyCuU+R5rRtGAhH/+JkMt+b
iVvFo5L+V0TJBPkInPLCgnoOJJLnU9+o2hzbcJ6Lag0BcP67oIAqr91MVL7/p6MK
YS7FDXN2d4jZzzRIRXaFvtyFb9ajbgoA5ozyti2+grbgHA+cX4x/awaAxJzoV4qY
En75wx+0/Qbzzkk4zApsYOgmrBgUHa9y4plDT6JEOxM1gPPjVftxTO7ARGYNMQJl
L2Udje2TkE9rxQQmm5jnAqIoX/uMrun0fOOwiY/zXL9PfcVZBShwQNo2Q7BKXQSA
46srW9a9WZu8CqIdofMQZXyzP2qmPeDuk2gwWnRPxwmnzmgFGLK2XMHzHUa3Fs+S
kNWuk02X+UIL0owOr8dPlcZquH99QPUa1lwuVYz9AVl9+q30q6sspIyHWYI/GDtU
o9OW1hyXjlgyNjBaJW8MsQvT7ggbtgy+ptyGaEI9LVVqzX39CQI=
=audv
-----END PGP SIGNATURE-----
Reply to: