-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 May 2026 11:31:20 +0200 Source: exim4 Binary: exim4-base exim4-base-dbgsym exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym Architecture: armel Version: 4.98.2-1+deb13u1 Distribution: trixie Urgency: medium Maintainer: armel Build Daemon (arm-conova-04) Changed-By: Andreas Metzler Description: exim4-base - support files for all Exim MTA (v4) packages exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac exim4-daemon-light - lightweight Exim MTA (v4) daemon exim4-dev - header files for the Exim MTA (v4) packages eximon4 - monitor application for the Exim MTA (v4) (X11 interface) Closes: 1134984 Changes: exim4 (4.98.2-1+deb13u1) trixie; urgency=medium . * Fix GnuTLS hostname verify of a server certificate with a zero-length Subject. Patch from upstream GIT master (Closes: #1134984) * Pull CVE-fixes from 4.99.2 +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc On systems using musl libc (not glibc) due to an oddity in octal printing it is possible to crash the connection instance when malformed DNS data is present in PTR records. +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header configurations using json operators on invalid externally-provided input could trigger heap corruption. +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters configurations using utf8 operators on malformed utf8 in headers could trigger OOB reads and might trigger some data leak if error messages are required for subsequent emails in the current connection and similar malformed headers are present. +CVE-2026-40687 Possible OOB read/write with SPA authenticator in configurations using the SPA authentication driver to a hostile/compromised external SPA/NTLM connection it is possible to trigger an OOB read/write and crash the connection instance or possibly leak heap data to the instance. Checksums-Sha1: 4320afa3991fd30c112b79d3b3cec8c095c178bf 130168 exim4-base-dbgsym_4.98.2-1+deb13u1_armel.deb 0cd9daae9f59577d406aa06d3cb2ffd3b0412b28 1138640 exim4-base_4.98.2-1+deb13u1_armel.deb 1969e367916a4a5e6afe2dde4326b314a2846239 1655016 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_armel.deb 145ac6beeb94fb4d46d2fb5b1ee8df4ca7720786 622192 exim4-daemon-heavy_4.98.2-1+deb13u1_armel.deb db2f729f5e04cea090052dddb659dae8892a43b8 1455668 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_armel.deb ecbb4f8965037a3b9e0a299fb34468c5daaa3f86 570104 exim4-daemon-light_4.98.2-1+deb13u1_armel.deb 5b5c04c77ee5d5b091456019fb12f173663345bb 36056 exim4-dev_4.98.2-1+deb13u1_armel.deb 345b5ff41fa9b02c7ecc927ec8ec9c8aec4be609 11116 exim4_4.98.2-1+deb13u1_armel-buildd.buildinfo 763ecb2ca1432f44b5875a830fd488f3a5c67d30 137180 eximon4-dbgsym_4.98.2-1+deb13u1_armel.deb 396fb2fa0207221ce1dc08c7a8f3347f95bb074f 68448 eximon4_4.98.2-1+deb13u1_armel.deb Checksums-Sha256: 8f90eb145c9ca6e9cf9a07f98f7eecad4707e05b27e430e46ebd60e2762be92d 130168 exim4-base-dbgsym_4.98.2-1+deb13u1_armel.deb 4b63be6d4158ec9feb42915d1174eb9435002eccf1226568ab977cf87e7fc39d 1138640 exim4-base_4.98.2-1+deb13u1_armel.deb 33721de4cd220c62ae787809f5eb45c3f39f061c15852fc7c49d833ac9096407 1655016 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_armel.deb 810130cf7c9611093a3bdeb3914885e9f85e0f0993fbd1e3843f1d23b80ec490 622192 exim4-daemon-heavy_4.98.2-1+deb13u1_armel.deb 7d9438124ae5b2fd6d7349c4208558e2ad1feac05204be6539fa0e1cc26b5792 1455668 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_armel.deb 61de74d40178efaed29b799a09bd778f444627143244b84eb074f2b88f1072ae 570104 exim4-daemon-light_4.98.2-1+deb13u1_armel.deb dabd9fa79d3b61f47c697147c23de17b325c7bae9ff731f3ae6792f574e483ba 36056 exim4-dev_4.98.2-1+deb13u1_armel.deb b2abc4f56170ce0b7a7cfc9d18c2791753ca4e5e0c71b37dfdac654a28d59278 11116 exim4_4.98.2-1+deb13u1_armel-buildd.buildinfo d38f3493dede0b2078b405d9c35fee051fef7459e5771acfb0960cad906f1b26 137180 eximon4-dbgsym_4.98.2-1+deb13u1_armel.deb dd8c515c813e273b21ac5ca32c0c12b49462d93ff4c33d8e5934cf8a7c82ce4c 68448 eximon4_4.98.2-1+deb13u1_armel.deb Files: 47d850b7d0885817b9a58b1a24729295 130168 debug optional exim4-base-dbgsym_4.98.2-1+deb13u1_armel.deb c678e95378d6c023d9ac8b4b100be6af 1138640 mail optional exim4-base_4.98.2-1+deb13u1_armel.deb 011c33383837f2650dfff1dd5fe830d9 1655016 debug optional exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_armel.deb 638a8c452e37de97d65682ac2c8cdb6a 622192 mail optional exim4-daemon-heavy_4.98.2-1+deb13u1_armel.deb eec11159bc8bd2c98c6e0f65fb40b49a 1455668 debug optional exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_armel.deb 9b84ef6fbe8b088cfc87b2656f9bb0a8 570104 mail optional exim4-daemon-light_4.98.2-1+deb13u1_armel.deb 8294b9c522f2276a888474fef1175b97 36056 mail optional exim4-dev_4.98.2-1+deb13u1_armel.deb b9b606905eb7de67c967283b03bf14d8 11116 mail standard exim4_4.98.2-1+deb13u1_armel-buildd.buildinfo 0f0dc7b104e1bd165e76dc48e63333d1 137180 debug optional eximon4-dbgsym_4.98.2-1+deb13u1_armel.deb 20000c8eee63416affe25ddcbe349685 68448 mail optional eximon4_4.98.2-1+deb13u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYxmcRLDHP0tCCM0oScpU3dYulLgFAmn3hrAACgkQScpU3dYu lLgqBw/+PufDZsW/pALkuyueSPF+jPEx1Ovid5TAYbsANTiGIGxs9fg4C2lWzqsS bAV7oZVAQfFDSCnX3OnDFVjBv/2M/CPr/lHt9PK6DXEBZ2Qw/nkup4+MU2mA88mB lBeqvlrenoGYg3yBd2zXr5ATmh6q5Auvx9qQYn6LBDH5l+YUaKAQlTJ7oB0sFUJw HU+wSeYtRItQZQ7DZ4gOjo/jqkJZzfBHWe1MWzmCPWf8zZFxyyli8XGKqw+AmIys HGW81KjnqpAtUz+33z8XEg+ySzKihcTIkuTEaoAZQxsI3srXcdyirIgMOVgUaT2Y FGFLo0feBOpvd0+IWNJ4H/0nKbsNzv5ScIJYbwGbCuLAi5S7uxbQ+GsMFkfkIYhj yBXdc9PO+BkS2GDWuWU+miZmHhn5xbI/o+7Sl9WSLsAcSCQt6G6pN1q/soiQJyXb Aels9zx/Phkmy8vZxUcpkUubxqw7UzsexjFCR9iqJaVB/R2EEXe8jv3A8JGXHvNU vR+MIsesm/1V2Vust6cGBpT4CpCOyeNqEV8B+eNC1W9ZtZ41aR3N+zKXnOWDXCAP 8Z33xRqodlZNxAEOfIY6B29ea6fAShNIRonvLd9a8HjPbYZRw8pbXUsJml8iTSsK Yl5NfGQybj62pq2tBz68sSCtgIV+xJWQHxk5VMV3qMW6RXn3qIM= =K3yQ -----END PGP SIGNATURE-----