-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 May 2026 11:31:20 +0200 Source: exim4 Binary: exim4-base exim4-base-dbgsym exim4-daemon-heavy exim4-daemon-heavy-dbgsym exim4-daemon-light exim4-daemon-light-dbgsym exim4-dev eximon4 eximon4-dbgsym Architecture: s390x Version: 4.98.2-1+deb13u1 Distribution: trixie Urgency: medium Maintainer: s390x Build Daemon (zani) Changed-By: Andreas Metzler Description: exim4-base - support files for all Exim MTA (v4) packages exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac exim4-daemon-light - lightweight Exim MTA (v4) daemon exim4-dev - header files for the Exim MTA (v4) packages eximon4 - monitor application for the Exim MTA (v4) (X11 interface) Closes: 1134984 Changes: exim4 (4.98.2-1+deb13u1) trixie; urgency=medium . * Fix GnuTLS hostname verify of a server certificate with a zero-length Subject. Patch from upstream GIT master (Closes: #1134984) * Pull CVE-fixes from 4.99.2 +CVE-2026-40684 Possible crash with malicious DNS data when using musl libc On systems using musl libc (not glibc) due to an oddity in octal printing it is possible to crash the connection instance when malformed DNS data is present in PTR records. +CVE-2026-40685 Possible OOB read/write on corrupt JSON in header configurations using json operators on invalid externally-provided input could trigger heap corruption. +CVE-2026-40686 Possible OOB read with large UTF8 trailing characters configurations using utf8 operators on malformed utf8 in headers could trigger OOB reads and might trigger some data leak if error messages are required for subsequent emails in the current connection and similar malformed headers are present. +CVE-2026-40687 Possible OOB read/write with SPA authenticator in configurations using the SPA authentication driver to a hostile/compromised external SPA/NTLM connection it is possible to trigger an OOB read/write and crash the connection instance or possibly leak heap data to the instance. Checksums-Sha1: 127404cde3cdb6cb864e8fdcb72789d7d0eaeee2 128628 exim4-base-dbgsym_4.98.2-1+deb13u1_s390x.deb adafe935938a787e233bbc0bfc4e36ee6aeb87c6 1140880 exim4-base_4.98.2-1+deb13u1_s390x.deb 20d759db33ffb3ee118f5d1b80fa61f23e8a8447 1691660 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_s390x.deb 3ec51ffffdbabf995f657a7bf52a1eb3757bd425 667624 exim4-daemon-heavy_4.98.2-1+deb13u1_s390x.deb efdd082a6f628e85c7a72f0f609a7729d7a9b3db 1490920 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_s390x.deb f00347605858bb5b61e01daa6c776a48330db1be 610120 exim4-daemon-light_4.98.2-1+deb13u1_s390x.deb 04c2f6e80847763891ba9eb99163e135df6ee9d6 36040 exim4-dev_4.98.2-1+deb13u1_s390x.deb d21e3bcfdac0f1cbe090c28192c9aaf5b6bcb19e 11126 exim4_4.98.2-1+deb13u1_s390x-buildd.buildinfo e1a359491e959734a726dc2b00b5db3641b7ac53 140060 eximon4-dbgsym_4.98.2-1+deb13u1_s390x.deb 7599705ee49904fed1096595120ca9f85caa53e7 72168 eximon4_4.98.2-1+deb13u1_s390x.deb Checksums-Sha256: 1cbb3a9190644afd27821adf619707c922d26ea382db5fdb711d2f1d527c0afd 128628 exim4-base-dbgsym_4.98.2-1+deb13u1_s390x.deb 9131f906d445ca1566c0548d2575eb05483b28c3006f56dcc445b5a1b0155c3c 1140880 exim4-base_4.98.2-1+deb13u1_s390x.deb 97678634f0b52d8d2fd5fd2b2fae94f197a5f871245a0020bfe6c42ee0227fc6 1691660 exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_s390x.deb 1eaad93f88758e97f5a155bcd3b1a92c4be3f9bc51f5b11b6a0adf26f7eef711 667624 exim4-daemon-heavy_4.98.2-1+deb13u1_s390x.deb e3fd1cd041e65d0f4f2a44b87ffd1941ed97b5fac7dda53a36fab9cf2457806a 1490920 exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_s390x.deb 8b9169f7856b256bf7f9d74e116df979d02ad8cfaf6bf1992a45bed627edd59a 610120 exim4-daemon-light_4.98.2-1+deb13u1_s390x.deb f87af1cf2f331309bf6b351ccabec06ea16dee5d2f60bb38472a0aa6a1afa0a9 36040 exim4-dev_4.98.2-1+deb13u1_s390x.deb a75e88aacb6c5b27612189f2ac61bd52f9c6e6ecdc3192280ed2bba440c546c3 11126 exim4_4.98.2-1+deb13u1_s390x-buildd.buildinfo 018c9a14ac68b6788c09ce57c0c753bd42411e4c871a1d66cbbdefa615a1a00f 140060 eximon4-dbgsym_4.98.2-1+deb13u1_s390x.deb 19473e38c08504f51e4f6f2d44fc185c1a41e0efb4a2c6344d18975076906121 72168 eximon4_4.98.2-1+deb13u1_s390x.deb Files: a1272737923019167ab4ee66f283a7da 128628 debug optional exim4-base-dbgsym_4.98.2-1+deb13u1_s390x.deb 8f77cd5cbdc09641b5f5fbfe405de534 1140880 mail optional exim4-base_4.98.2-1+deb13u1_s390x.deb f267f98501ce51fbc90a118ae30ed3f1 1691660 debug optional exim4-daemon-heavy-dbgsym_4.98.2-1+deb13u1_s390x.deb 24ac07efaf81176da9c9ca3a3464cbf5 667624 mail optional exim4-daemon-heavy_4.98.2-1+deb13u1_s390x.deb daea0e8e3a492c4bc2445ce6e786b08c 1490920 debug optional exim4-daemon-light-dbgsym_4.98.2-1+deb13u1_s390x.deb abcb4511a0ce5db57b341cc90b1de577 610120 mail optional exim4-daemon-light_4.98.2-1+deb13u1_s390x.deb 426ca09d152fffecdbaf1d5d107117a7 36040 mail optional exim4-dev_4.98.2-1+deb13u1_s390x.deb f4c17fabb1efb1bf00838e4830b7f972 11126 mail standard exim4_4.98.2-1+deb13u1_s390x-buildd.buildinfo d8d5081ecc49a21e8d11f5c18a9c4263 140060 debug optional eximon4-dbgsym_4.98.2-1+deb13u1_s390x.deb d696f53cbbe429ee4afa3f22c910f97b 72168 mail optional eximon4_4.98.2-1+deb13u1_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgh4msZ+e2PZfd5KckaCrxAR3BY0FAmn3hGwACgkQkaCrxAR3 BY2LuQ/+I569nxz3k8KaWtcTNYgxtBCiGn8jrLC44ZhAUEYzODgF0lSAuS3tg6bA pvzn5Y1uNLMQkY+PCKXrszCQ2SyvuapAPMYQxd9u5umjBGbohnKgMWX8YhEpsuNa 6cweojBBtrddv9VBAf3yx9XALo8TWY9wUkgQ4kgaER0Y9CWOHVcU3P075eaqjws+ JwpsTHIZ2REexjqlUFrPNzy6FMDPzmEAdL5kaW7U58IUhZ3WjfM+tW+452iMMtAW u5bUlB+IJuvT/Te0HpeOYIy5OXVOth4ndTcPv2bMXx49o09Q8ifq9LsBaiHwAwki +tmkCMvSyB6iXa6SKyWuGnR7QUqAJAP9yMA7iVIckGcN8SWWILsd49RmUZtK4Asg /gm+S5GTRJF417/0wPVxRPbA4f+K/1cT3XRJ4XPY5r2At9dPRJMfCKk94YtrmLww gPRGuCNihDJQMyjpjZxmXQFGJ2TYuIc/gCK/37NHQkHCE1tHMJlAF1dACMPLd0Gz bGE7BaDLs6h4VGQbeY+9EPjG9/XzRQYx0+qUuP7DcuZ4RjSRk1grlaNqj10hWDXz N1lY84Y87q3ZGX3wDWD0oEWBZ+kx/ifBpDcUGVf5m5P7LihH5kpQ/V268uoeyQqK r3NBJDQNmOAFv9QW6DyuiN/kvROr1wN0/gz3c6CM+K2nwvil9is= =vRFO -----END PGP SIGNATURE-----