Format: 1.8
Date: Sat, 02 May 2026 11:31:20 +0200
Source: exim4
Binary: exim4-base exim4-base-dbgsym exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym
Architecture: armhf
Version: 4.98.2-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: armhf Build Daemon (arm-conova-01)
Changed-By: Andreas Metzler
Description:
 exim4-base - support files for all Exim MTA (v4) packages
 exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
 exim4-daemon-light - lightweight Exim MTA (v4) daemon
 exim4-dev - header files for the Exim MTA (v4) packages
 eximon4 - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 1134984
Changes:
 exim4 (4.98.2-1+deb13u1) trixie; urgency=medium
 .
   * Fix GnuTLS hostname verify of a server certificate with a zero-length
     Subject. Patch from upstream GIT master (Closes: #1134984)
   * Pull CVE-fixes from 4.99.2
     +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc
       On systems using musl libc (not glibc) due to an oddity in octal
       printing it is possible to crash the connection instance when
       malformed DNS data is present in PTR records.
     +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header
       configurations using json operators on invalid externally-provided
       input could trigger heap corruption.
     +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters
       configurations using utf8 operators on malformed utf8 in headers
       could trigger OOB reads and might trigger some data leak if error
       messages are required for subsequent emails in the current
       connection and similar malformed headers are present.
     +CVE-2026-40687 Possible OOB read/write with SPA authenticator
       in configurations using the SPA authentication driver to a
       hostile/compromised external SPA/NTLM connection it is possible to
       trigger an OOB read/write and crash the connection instance or
       possibly leak heap data to the instance.