"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges. For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u6. For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u2. We recommend that you upgrade your exim4 packages. For the detailed security status of exim4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/exim4
"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.
For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u6.
For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u2.
We recommend that you upgrade your exim4 packages.
For the detailed security status of exim4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/exim4
Vulmon