Format: 1.8
Date: Sat, 02 May 2026 11:31:20 +0200
Source: exim4
Binary: exim4-base exim4-base-dbgsym exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym
Architecture: riscv64
Version: 4.98.2-1+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: riscv64 Build Daemon (rv-osuosl-03)
Changed-By: Andreas Metzler
Description:
 exim4-base - support files for all Exim MTA (v4) packages
 exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
 exim4-daemon-light - lightweight Exim MTA (v4) daemon
 exim4-dev - header files for the Exim MTA (v4) packages
 eximon4 - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 1134984
Changes:
 exim4 (4.98.2-1+deb13u1) trixie; urgency=medium
 .
   * Fix GnuTLS hostname verify of a server certificate with a zero-length
     Subject. Patch from upstream GIT master (Closes: #1134984)
   * Pull CVE-fixes from 4.99.2
     +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc
      On systems using musl libc (not glibc) due to an oddity in octal
      printing it is possible to crash the connection instance when
      malformed DNS data is present in PTR records.
     +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header
      configurations using json operators on invalid externally-provided
      input could trigger heap corruption.
     +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters
      configurations using utf8 operators on malformed utf8 in headers
      could trigger OOB reads and might trigger some data leak if error
      messages are required for subsequent emails in the current
      connection and similar malformed headers are present.
     +CVE-2026-40687 Possible OOB read/write with SPA authenticator
      in configurations using the SPA authentication driver to a
      hostile/compromised external SPA/NTLM connection it is possible to
      trigger an OOB read/write and crash the connection instance or
      possibly leak heap data to the instance.