Information on source package exim4

Available versions

ReleaseVersion
wheezy4.80-7+deb7u3
wheezy (security)4.80-7+deb7u5
jessie (security)4.84.2-2+deb8u4
stretch (security)4.89-2+deb9u2
buster4.90~RC3-2
sid4.90~RC4-1

Resolved issues

BugDescription
CVE-2017-16944The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...
CVE-2017-16943The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...
CVE-2017-1000369Exim supports the use of multiple "-p" command line arguments which ...
CVE-2016-9963Exim before 4.87.1 might allow remote attackers to obtain the private ...
CVE-2016-1531Exim before 4.86.2, when installed setuid root, allows local users to ...
CVE-2014-2972expand.c in Exim before 4.83 expands mathematical comparisons twice, ...
CVE-2014-2957The dmarc_process function in dmarc.c in Exim before 4.82.1, when ...
CVE-2012-5671Heap-based buffer overflow in the dkim_exim_query_dns_txt function in ...
CVE-2011-1764Format string vulnerability in the dkim_exim_verify_finish function in ...
CVE-2011-1407The DKIM implementation in Exim 4.7x before 4.76 permits matching for ...
CVE-2011-0017The open_log function in log.c in Exim 4.72 and earlier does not check ...
CVE-2010-4345Exim 4.72 and earlier allows local users to gain privileges by ...
CVE-2010-4344Heap-based buffer overflow in the string_vformat function in string.c ...
CVE-2010-2024transports/appendfile.c in Exim before 4.72, when MBX locking is ...
CVE-2010-2023transports/appendfile.c in Exim before 4.72, when a world-writable ...
CVE-2005-0022Buffer overflow in the spa_base64_to_bits function in Exim before ...
CVE-2005-0021Multiple buffer overflows in Exim before 4.43 may allow attackers to ...
CVE-2004-0400Stack-based buffer overflow in Exim 4 before 4.33, when the ...
CVE-2004-0399Stack-based buffer overflow in Exim 3.35, and other versions before 4, ...
CVE-2002-1381Format string vulnerability in daemon.c for Exim 4.x through 4.10, and ...

Security announcements

DSA / DLADescription
DSA-4053-1exim4 - security update
DLA-1001-1exim4 - security update
DSA-3888-1exim4 - security update
DSA-3888-1exim4 - security update
DSA-3747-1exim4 - security update
DLA-762-1exim4 - security update
DSA-3517-1exim4 - security update
DSA-3517-1exim4 - security update
DSA-2566-1exim4 - heap overflow
DSA-2236-1exim4 - command injection
DSA-2232-1exim4 - format string vulnerability
DSA-2154-1exim4 - privilege escalation
DSA-2131-1exim4 - remote code execution

Search for package or bug name: Reporting problems