CVE-2025-26794 Dear Exim users,
we got a vulnerability report and are going to release a security release on Friday, Feb 21th, 2025, at 12:00 UTC (coordinated release date). Distribution packagers are informed already. The reported vulnerability is limited to the current Exim version 4.98. Older versions are not affected. Please understand that we don't share further details yet. The new version 4.98.1 *will* be available via Git (branch exim-4.98+fixes, tag exim-4.98.1): https://code.exim.org/exim/exim.git (master repo) https://code.exim.org/exim/exim/releases/tag/exim-4.98.1 https://github.com/exim/exim.git (mirrored repo) https://github.com/Exim/exim/releases/tag/exim-4.98.1 as tarball: https://downloads.exim.org/exim4/ Commits and tarballs are signed by me, with the same key that I'm using to sign this message. (In case you're building directly from our master branch: there are no patches to the master branch yet.) Thank you for using Exim. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE -
signature.asc
Description: PGP signature
-- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
