| Package | exim4 |
|---|---|
| Version | 4.84.2-2+deb8u11 (jessie), 4.89-2+deb9u11 (stretch) |
| Related CVEs | CVE-2023-42114 CVE-2023-42116 |
Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the SPA/NTLM authenticators are used.
For Debian 8 jessie, these problems have been fixed in version 4.84.2-2+deb8u11.
For Debian 9 stretch, these problems have been fixed in version 4.89-2+deb9u11.
We recommend that you upgrade your exim4 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.