Fedora alert FEDORA-2025-d7548ec9e2 (exim)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 42 Update: exim-4.98.2-1.fc42 | |
| Date: | Fri, 11 Apr 2025 18:32:04 +0000 | |
| Message-ID: | <20250411183204.BC22D20C5D9E@bastion01.iad2.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d7548ec9e2 2025-04-11 18:19:12.061405+00:00 -------------------------------------------------------------------------------- Name : exim Product : Fedora 42 Version : 4.98.2 Release : 1.fc42 URL : https://www.exim.org/ Summary : The exim mail transfer agent Description : Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal of flexibility in the way mail can be routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail. -------------------------------------------------------------------------------- Update Information: This is an update fixing CVE 2025-30232. This is new version fixing possible remote SQL injection and FTBFS with gcc-15. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 26 2025 Jaroslav Škarvada <jskarvad@redhat.com> - 4.98.2-1 - New version Resolves: CVE 2025-30232 * Mon Feb 24 2025 Jaroslav Škarvada <jskarvad@redhat.com> - 4.98.1-1 - New version Resolves: rhbz#2346977 - Fixed possible remote SQL injection Resolves: CVE-2025-26794 - Updated exim maintainers keyring * Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 4.98-7 - Add sysusers.d config file to allow rpm to create users/groups automatically * Sat Feb 1 2025 Björn Esser <besser82@fedoraproject.org> - 4.98-6 - Add explicit BR: libxcrypt-devel * Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 4.98-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2346981 - CVE-2025-26794 exim: Exim: remote SQL injection https://bugzilla.redhat.com/show_bug.cgi?id=2346981 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d7548ec9e2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
Attachment: None (type=text/plain)
-- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue