-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 May 2026 11:31:20 +0200
Source: exim4
Binary: exim4 exim4-config
Architecture: all
Version: 4.98.2-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Andreas Metzler
Description:
 exim4 - metapackage to ease Exim MTA (v4) installation
 exim4-config - configuration for the Exim MTA (v4)
Closes: 1134984
Changes:
 exim4 (4.98.2-1+deb13u1) trixie; urgency=medium
 .
   * Fix GnuTLS hostname verify of a server certificate with a zero-length
     Subject. Patch from upstream GIT master (Closes: #1134984)
   * Pull CVE-fixes from 4.99.2
     +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc
      On systems using musl libc (not glibc) due to an oddity in octal
      printing it is possible to crash the connection instance when
      malformed DNS data is present in PTR records.
     +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header
      configurations using json operators on invalid externally-provided
      input could trigger heap corruption.
     +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters
      configurations using utf8 operators on malformed utf8 in headers
      could trigger OOB reads and might trigger some data leak if error
      messages are required for subsequent emails in the current
      connection and similar malformed headers are present.
     +CVE-2026-40687 Possible OOB read/write with SPA authenticator
      in configurations using the SPA authentication driver to a
      hostile/compromised external SPA/NTLM connection it is possible to
      trigger an OOB read/write and crash the connection instance or
      possibly leak heap data to the instance.