-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 May 2026 11:31:20 +0200 Source: exim4 Binary: exim4-base exim4-base-dbgsym exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym Architecture: arm64 Version: 4.98.2-1+deb13u1 Distribution: trixie Urgency: medium Maintainer: arm64 Build Daemon (arm-conova-03) Changed-By: Andreas Metzler Description: exim4-base - support files for all Exim MTA (v4) packages exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac exim4-daemon-light - lightweight Exim MTA (v4) daemon exim4-dev - header files for the Exim MTA (v4) packages eximon4 - monitor application for the Exim MTA (v4) (X11 interface) Closes: 1134984 Changes: exim4 (4.98.2-1+deb13u1) trixie; urgency=medium . * Fix GnuTLS hostname verify of a server certificate with a zero-length Subject. Patch from upstream GIT master (Closes: #1134984) * Pull CVE-fixes from 4.99.2 +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc On systems using musl libc (not glibc) due to an oddity in octal printing it is possible to crash the connection instance when malformed DNS data is present in PTR records. +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header configurations using json operators on invalid externally-provided input could trigger heap corruption. +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters configurations using utf8 operators on malformed utf8 in headers could trigger OOB reads and might trigger some data leak if error messages are required for subsequent emails in the current connection and similar malformed headers are present. +CVE-2026-40687 Possible OOB read/write with SPA authenticator in configurations using the SPA authentication driver to a hostile/compromised external SPA/NTLM connection it is possible to trigger an OOB read/write and crash the connection instance or possibly leak heap data to the instance. Checksums-Sha1: aef152134bdd8060623ae00b104e657a954d2768 137672 exim4-base-dbgsym_4.98.2-1+deb13u1_arm64.deb 77150b9359b26bbee034fa2d14a8c5412b455890 1139680 exim4-base_4.98.2-1+deb13u1_arm64.deb 863b5a314174a13ecbecee744825f59f49f298c4 1688204 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_arm64.deb 2afd58260e987428efc37cf1418cc816f37990ce 637260 exim4-daemon-heavy_4.98.2-1+deb13u1_arm64.deb 1373c352e5850cb43134045bb2c8ffb8183db0bb 1489796 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_arm64.deb f47f8a3bcb138dd632ee709380490aa42a820bab 581176 exim4-daemon-light_4.98.2-1+deb13u1_arm64.deb 04f786dd0076cd84347f3ece58354f707712a6fe 36040 exim4-dev_4.98.2-1+deb13u1_arm64.deb 58045978cc027c78f7dc087a73ce2f2f55d2eb5b 11254 exim4_4.98.2-1+deb13u1_arm64-buildd.buildinfo 87b621021b07cfbe86a948aa603048ccf596e3ba 138552 eximon4-dbgsym_4.98.2-1+deb13u1_arm64.deb bee263ea3e73dd1947e2922c0c413e7bd52b3e29 69596 eximon4_4.98.2-1+deb13u1_arm64.deb Checksums-Sha256: c843951fe212bd1e1c1096cd675973387ab22691507dc35b1945de864b625b3f 137672 exim4-base-dbgsym_4.98.2-1+deb13u1_arm64.deb 538f13b80a6e2d650cc791547dd00940219c83ab65cbe1a4b0fd97473a9422ee 1139680 exim4-base_4.98.2-1+deb13u1_arm64.deb 20e5a980ca7266d1f9f3f875ee284d4078e7e07303a24e3dcecc246a4f591778 1688204 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_arm64.deb 546081ce3213d9998876ca872dc59b4e413066f162b807e74405af5f84d3fa32 637260 exim4-daemon-heavy_4.98.2-1+deb13u1_arm64.deb 3537a3152b83567dcd82684f9de9d994a24f29e27350862b312fa24c3d78d35f 1489796 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_arm64.deb 295ce289cc7a9a4a0542f974db0951809cafae8bbfa91b6d89623d6dc0bf9d3e 581176 exim4-daemon-light_4.98.2-1+deb13u1_arm64.deb d64e8b224aee57d82f6addefa5865a762173d2e7ecc655f4c23e2cbe2979b74c 36040 exim4-dev_4.98.2-1+deb13u1_arm64.deb 51dd9f8f04035acdc3d6151270284f775d00582bc055cda2bb63c78c66414a38 11254 exim4_4.98.2-1+deb13u1_arm64-buildd.buildinfo ffb6e6ac6474c5d35c701d6db669812f8c2bdfe820bb50e2a211d921a75356ed 138552 eximon4-dbgsym_4.98.2-1+deb13u1_arm64.deb 78feafca6213c61d08ea7b0713425f36190348bc4c9171767fd5a7edeb198156 69596 eximon4_4.98.2-1+deb13u1_arm64.deb Files: 423da784e5ca1ffb9e62fc6b3acd5968 137672 debug optional exim4-base-dbgsym_4.98.2-1+deb13u1_arm64.deb 6d7f7f51f4f6fb768018d3333cecb775 1139680 mail optional exim4-base_4.98.2-1+deb13u1_arm64.deb 59ed8e955cd7034cda628f35a1863e37 1688204 debug optional exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_arm64.deb b927982331768c2599dfadb67fa4d506 637260 mail optional exim4-daemon-heavy_4.98.2-1+deb13u1_arm64.deb 1a8e98054acb3aa8f50b155a9e04f2ae 1489796 debug optional exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_arm64.deb 1ce6f1bd06fd1a9523ad54325c3d017c 581176 mail optional exim4-daemon-light_4.98.2-1+deb13u1_arm64.deb 53a7f7a9f5e7079af00aa08cd479b9e6 36040 mail optional exim4-dev_4.98.2-1+deb13u1_arm64.deb fa8b45be2045c774654a52156af0aa8a 11254 mail standard exim4_4.98.2-1+deb13u1_arm64-buildd.buildinfo 621e533ddaff3f0f0d9bb150d1fabc90 138552 debug optional eximon4-dbgsym_4.98.2-1+deb13u1_arm64.deb 011acca0a9a78688d8052d521d5232c6 69596 mail optional eximon4_4.98.2-1+deb13u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEElFiH1oZRZh1t4FSiXVp1sEH/1mIFAmn3guAACgkQXVp1sEH/ 1mLjIA//TATQyVjm5QoHEvErO0dhNlnaZphiLOwFbunk/ifFUqvlkOdsMBE9K/Ru kAwPdP+l43UuCkc3LgsPcZZ0J+T1Ma1Jacx+l5QRtRMumnn1wPoBmX4ULhCao42T fnmJ3E7ZMoEw0hKY6Bg8m4KVFcMMXJlgHEZp2fAbCRFH0rdpQ1rT849K4X54JfTR lbKpZkM0yLEfQG1lbHSNFgVoycNV4tcUwQoCRGkzOBszgj14GqH5h7MVgsr9fhUV 95gMLUnP3THzql55qoDuoDkVHzVd7l2V9kxPTtT8HOVwr9p25Msf6gDMKULNhu6T s/vS2g6lha8JtJzpektcoArFa7rwEzsLtqT0nuMhhAqQtmRK77GUXxA3NPudxIXa hFJmh8UuOvEL6AtckMgzQgcefhRw6GYHtOhFD5QKfLjksd4ACbDqh6AQdJqQSY7m F8TmVmfCAcEI1MlTas9mbVu2JIIc+znTNkvljtJZlnegsrLpy5Sv7+hk5tWVGlhD fw92NvVLkGHIsuiaRMCIh0VsrYpOvtvZCWbZWJnzCIExEv9dL577JEGUzYBWB4Pu ibkYYoky4sdXn6wUqkPPo7wGH3g97i8CzXrxGvPz2z3VDXJCDKc1/0SepyDto2su KW4+DqdaPpdRu2dievX5lo8CkCVwAulPZ1BzgXUlUyUZ7imiJi8= =+zrx -----END PGP SIGNATURE-----