UbuntuUpdates.org

Package "exim4"

Name: exim4

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • monitor application for the Exim MTA (v4) (X11 interface)

Latest version: 4.90.1-1ubuntu1.8
Release: bionic (18.04)
Level: security
Repository: universe

Links



Other versions of "exim4" in Bionic

Repository Area Version
base main 4.90.1-1ubuntu1
base universe 4.90.1-1ubuntu1
security main 4.90.1-1ubuntu1.8
updates universe 4.90.1-1ubuntu1.8
updates main 4.90.1-1ubuntu1.8

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.90.1-1ubuntu1.8 2021-05-04 15:07:14 UTC

  exim4 (4.90.1-1ubuntu1.8) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/sec-may2021-*.patch: backport patches from upstream to
      correct issues.
    - CVE-2020-28007, CVE-2020-28008, CVE-2020-28009, CVE-2020-28010,
      CVE-2020-28011, CVE-2020-28012, CVE-2020-28013, CVE-2020-28014,
      CVE-2020-28015, CVE-2020-28016, CVE-2020-28017, CVE-2020-28018,
      CVE-2020-28019, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022,
      CVE-2020-28023, CVE-2020-28024, CVE-2020-28025, CVE-2020-28026,
      CVE-2021-27216

 -- Marc Deslauriers <email address hidden> Fri, 30 Apr 2021 10:15:04 -0400

Source diff to previous version

Version: 4.90.1-1ubuntu1.5 2020-05-19 14:06:32 UTC

  exim4 (4.90.1-1ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2020-12783-*.patch: fix SPA
      authenticator, checking client-supplied data before using it
      in src/auths/spa.c, src/auths/spa-spa.c.
    - CVE-2020-12783

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 14 May 2020 10:10:01 -0300

Source diff to previous version
CVE-2020-12783 Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/aut

Version: 4.90.1-1ubuntu1.4 2019-09-06 14:08:20 UTC

  exim4 (4.90.1-1ubuntu1.4) bionic-security; urgency=medium

  * SECURITY UPDATE: remote command execution
    - debian/patches/CVE-2019-15846.patch: ensure not to interpret '\\'
      before '\0' in src/string.c
    - CVE-2019-15846

 -- Alex Murray <email address hidden> Wed, 04 Sep 2019 21:14:01 +0930

Source diff to previous version
CVE-2019-15846 local or remote attacker can execute programs with root privileges

Version: 4.90.1-1ubuntu1.3 2019-07-25 17:07:31 UTC

  exim4 (4.90.1-1ubuntu1.3) bionic-security; urgency=medium

  * SECURITY UPDATE: code execution via ${sort }
    - debian/patches/CVE-2019-13917.patch: avoid re-expansion in ${sort }
      in src/expand.c.
    - CVE-2019-13917

 -- Marc Deslauriers <email address hidden> Fri, 19 Jul 2019 07:13:51 -0400

Source diff to previous version

Version: 4.90.1-1ubuntu1.2 2019-06-05 18:07:33 UTC

  exim4 (4.90.1-1ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: remote command execution
    - debian/patches/CVE-2019-10149.patch: fix parsing logic in
      src/deliver.c.
    - CVE-2019-10149

 -- Marc Deslauriers <email address hidden> Tue, 04 Jun 2019 14:44:51 -0400




About   -   Send Feedback to @ubuntu_updates