Accepted exim4 4.94.2-7+deb11u1 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted exim4 4.94.2-7+deb11u1 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 07 Oct 2023 21:17:54 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: exim4_4.94.2-7+deb11u1_sourceonly.changes
- Debian-source: exim4
- Debian-suite: oldstable-proposed-updates
- Debian-version: 4.94.2-7+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=NM8S4KBnXrFnXJcczkHOAHLX6Ns1bUZ3aj+f6wrFGGA=; b=mrIrDEGK3rioDxIdT4Dw+vQyMT NA0y/SLxHcLoZTrpKkRoVN2mXVz2URXTvn8rFstz24stnVEQJccBCyEAv2qlnsj5kFYbTakfKJrnV oTAzt5xM3K2Bn/KUFER/29qAURFSZVJuNDKz0ahxFTdUlBsBWSdYiMnJWURjcQPp85Il5xwbLlEuO TiFPG7iD3NThjUw5M6m7IdDy52jmw8gSv459FoafW6InpIxXd648aAJdM2s73EmKc4fM4Uo9UTqEm tgEqQpQEAzTxMHqx5I1qYYRu8n7B6rEAmjWYC6ggAtLE4YE/8vzj7b+XcxwOJuKs+cgC8q2vIK022 dNB+sZ4A==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qpEgM-00DitY-IL@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 29 Sep 2023 23:23:04 +0200
Source: exim4
Architecture: source
Version: 4.94.2-7+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
exim4 (4.94.2-7+deb11u1) bullseye-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Address external and SPA authenticator vulnerabilities (CVE-2023-42114,
CVE-2023-42115, CVE-2023-42116)
- Auths: fix possible OOB write in external authenticator (CVE-2023-42115)
- Auths: use uschar more in spa authenticator
- Auths: fix possible OOB write in SPA authenticator (CVE-2023-42116)
- Auths: fix possible OOB read in SPA authenticator (CVE-2023-42114)
Checksums-Sha1:
9a2630371a3ccce2090b9f1f364d45f666fc7a49 3082 exim4_4.94.2-7+deb11u1.dsc
4854541833583d82c6e667d3dde566d41162eec3 1838076 exim4_4.94.2.orig.tar.xz
a042b2dcaee770d7a5c54c8434b27cf10a902aa3 488 exim4_4.94.2.orig.tar.xz.asc
bd867fcbb1e185a2871d7be6c4200db6a8f67d98 485668 exim4_4.94.2-7+deb11u1.debian.tar.xz
Checksums-Sha256:
22aeb5aafaad44b4c7d3027b4a09a0b3a1521c5a5ae9214c653bdae5e43a2308 3082 exim4_4.94.2-7+deb11u1.dsc
051861fc89f06205162f12129fb7ebfe473383bb6194bf8642952bfd50329274 1838076 exim4_4.94.2.orig.tar.xz
5546fb401d778bc8c8df35d9584612d10a4a896cde5f130c119f98297a18df73 488 exim4_4.94.2.orig.tar.xz.asc
76d391806924abaf1e8c046dea35b1c0485a5ecbfff843dd544e1a34d175ec6a 485668 exim4_4.94.2-7+deb11u1.debian.tar.xz
Files:
8db04c3c49b57f8f4d2d107969ed6435 3082 mail standard exim4_4.94.2-7+deb11u1.dsc
4fbf1ebb36f0f43bb94ed0848eb13256 1838076 mail standard exim4_4.94.2.orig.tar.xz
ceddf936e03226c4364c4c59e7461788 488 mail standard exim4_4.94.2.orig.tar.xz.asc
78ee1429c8182f6be9ddc53fe3770ae2 485668 mail standard exim4_4.94.2-7+deb11u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUYIKZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EM9IP/2bgxKWIH5nHt6RpcWUi79Jjo7K4tS38
dORML3chdX5W8qiOUPyt3whGM1jVemq/vfTm8/J2ap4s0m9KWBm8jkzgQvqV3wWu
xZYqI0VC6cRxAL6gKEeDiXdVWnBFc0o1kPOybLpB9E1+5MUoBis7iJSCOnMMUj0n
fuD4GMiX/gxvsXG2HkPB5Dyafat1mfJl41D/+rGE5x2A7G7Ah6hYIhBf8jT0sM31
lH6SeH2Jibuzkr1xFJL+VmRUzTdCU26pULsQXMZXSW52wbqnKVtL+Xf/PE4KJikW
uc6LgG5VHVpk0WI4wEcxSbrAEVYma20A6oLmdhSlamVKd6YzcFRPUlLK4KxBGY9C
/uwJ+v0L+277j1GjCVvbfQ8E2+Ciiu8bzgIDdioqurSgrdiidKlUVn46rAQ/wjMq
SBU5N99X3rq+TMIIX+W+qjj7AybM+gLmklc787mN1pKO8bWG60cHO+hp/EuepvUa
HAWgzWOf96FTBaaR62HzkaNZ/UrXQHMwBDykaXM9d5RaNX+p9hWRiY7O9wX+3RJj
yGLBz6pfpAyizIi7UHrc/xXk8qxCTwtXoD2tLquyMt4cWYdTYdzTVNodxnEgMpTA
AbiNuAgBEoFu/i6HJVnxpWEJ7VqEFfCgSFXuWNpnCwa8uZ+KeTwc4/rJ9cTS8n8q
yAfEVoBGfrUv
=yXBA
-----END PGP SIGNATURE-----