Univention Bugzilla – Bug 56706
exim4: Multiple issues (5.0)
Last modified: 2023-10-11 16:36:32 CEST
New Debian exim4 4.92-8+deb10u8 fixes: This update addresses the following issues: 4.92-8+deb10u8 (Mon, 02 Oct 2023 08:59:59 +0200) * Non-maintainer upload by the LTS team. * Address SPA authenticator vulnerabilities (CVE-2023-42114, CVE-2023-42116) - Auths: use uschar more in spa authenticator - Auths: fix possible OOB write in SPA authenticator (CVE-2023-42116) - Auths: fix possible OOB read in SPA authenticator (CVE-2023-42114)
--- mirror/ftp/pool/main/e/exim4/exim4_4.92-8+deb10u7.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/exim4_4.92-8+deb10u8.dsc @@ -1,3 +1,11 @@ +4.92-8+deb10u8 [Mon, 02 Oct 2023 08:59:59 +0200] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Address SPA authenticator vulnerabilities (CVE-2023-42114, CVE-2023-42116) + - Auths: use uschar more in spa authenticator + - Auths: fix possible OOB write in SPA authenticator (CVE-2023-42116) + - Auths: fix possible OOB read in SPA authenticator (CVE-2023-42114) + 4.92-8+deb10u7 [Wed, 24 Aug 2022 18:23:44 +0200] Sylvain Beucler <beuc@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-5/#6589740185479751690>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-5] d033cd77b3 Bug #56706: exim4 4.92-8+deb10u8 doc/errata/staging/exim4.yaml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) [5.0-5] 9d5e0aef99 Bug #56706: exim4 4.92-8+deb10u8 doc/errata/staging/exim4.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x831>