Thread View: gmane.mail.exim.announce
1 messages
1 total messages
Started by Heiko Schlitterm
Wed, 21 Apr 2021 14:36
Exim security release ahead
Author: Heiko Schlitterm
Date: Wed, 21 Apr 2021 14:36
Date: Wed, 21 Apr 2021 14:36
107 lines
3199 bytes
3199 bytes
--===============0584701050==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature"; boundary="RLVVO53zhS75EYih"
Content-Disposition: inline
--RLVVO53zhS75EYih
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Dear Exim-Users and maintainers,
this is a *heads up* notice only. No action is required on your part
right now.
Abstract
--------
Several exploitable vulnerabilities in Exim were reported to us and are
fixed.
We have prepared a security release, tagged as "exim-4.94.1".
This release contains all changes on the exim-4.94+fixes branch plus
security fixes.
Schedule
--------
2021-04-27 13.30 UTC: Grant access to the security repos
for distro maintainers
2021-05-04 13:30 UTC: Publish the release on the public
repos/website/etc
Repositories
------------
The sources *will* be available on our security repo:
tarballs: git@git.exim.org:exim-packages-security.git
source: git@git.exim.org:exim-security.git
tag: exim-4.94.1
Access to these security Git repos will be granted for the known set of
Exim maintainers and distro packagers first. Please reach out to us, if
you need further details or if you think, you should be part of this
set.
One week after granting access to the distro packagers the release will
be pushed to the well known public repos as usual.
Details
-------
The current Exim versions (and likely older versions too) suffer from
several exploitable vulnerabilities. These vulnerabilities were reported
by Qualys via security@exim.org back in October 2020.
Due to several internal reasons it took more time than usual for the Exim
development team to work on these reported issues in a timely manner.
We explicitly thank Qualys for reporting *and* for providing patches for
most of the reported vulnerabilities.
Thank you for using Exim.
Best regards from Dresden/Germany
Viele Gr=C3=BC=C3=9Fe aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
--RLVVO53zhS75EYih
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEE0L/WueylaUpvFJ3Or0zGdqa2wUIFAmCAHE8ACgkQr0zGdqa2
wULR2Qf+PylPDeAsgJLyS7GJDiiIuqOU7ABGFfgYueMGZ83OfYLmUiMIihA2BJ4T
NyCDFC4CnSIkC/ETKO5mO5/oce4gR2bGAjiKe/0xDQYnSUpjml55drIqnlHzxQCn
gY2uofoGI9UlJIv87bt9Hij22Q1JSOjlFeDBi3U3/tb4r51pjj2rYGXLUI/zdIUZ
ZdN0y9YA8avF7GK2r76X6gw0CSs10/xY1YPLOu6kchTz1FXqE/Ywsg6QHWcfnAmC
FaXY22lxwoKaOexRmSFy+QFd/wRdwrvuZlwdkA7/mpnXnNl9wVezYddXQgks/SxL
RQ6bH5G+F6+MqVPPiuR05Mv9UajMKg==
=jAoN
-----END PGP SIGNATURE-----
--RLVVO53zhS75EYih--
--===============0584701050==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
## List details at https://lists.exim.org/mailman/listinfo/exim-announce Exim details at http://www.exim.org/ ##
--===============0584701050==--
Thread Navigation
This is a paginated view of messages in the thread with full content displayed inline.
Messages are displayed in chronological order, with the original post highlighted in green.
Use pagination controls to navigate through all messages in large threads.
Back to All Threads