USN-4934-1

It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.

References

Affected packages

Ubuntu:18.04:LTS / exim4

Package

Name: exim4
Purl: pkg:deb/ubuntu/exim4@4.90.1-1ubuntu1.8?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.90.1-1ubuntu1.8

Affected versions

4.*

4.89-5ubuntu1

4.89-9ubuntu1

4.89-9ubuntu2

4.89-9ubuntu3

4.89-9ubuntu4

4.90.1-1ubuntu1

4.90.1-1ubuntu1.1

4.90.1-1ubuntu1.2

4.90.1-1ubuntu1.3

4.90.1-1ubuntu1.4

4.90.1-1ubuntu1.5

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "exim4",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-base",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-base-dbgsym",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-config",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-daemon-heavy",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-daemon-heavy-dbgsym",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-daemon-light",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-daemon-light-dbgsym",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "exim4-dev",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "eximon4",
            "binary_version": "4.90.1-1ubuntu1.8"
        },
        {
            "binary_name": "eximon4-dbgsym",
            "binary_version": "4.90.1-1ubuntu1.8"
        }
    ]
}

Ubuntu:20.04:LTS / exim4

Package

Name: exim4
Purl: pkg:deb/ubuntu/exim4@4.93-13ubuntu1.5?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.93-13ubuntu1.5

Affected versions

4.*

4.92.1-1ubuntu3

4.92.1-1ubuntu4

4.93~RC2-1ubuntu1

4.93-9ubuntu1

4.93-11ubuntu1

4.93-12ubuntu1

4.93-13ubuntu1

4.93-13ubuntu1.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "exim4",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-base",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-base-dbgsym",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-config",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-daemon-heavy",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-daemon-heavy-dbgsym",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-daemon-light",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-daemon-light-dbgsym",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "exim4-dev",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "eximon4",
            "binary_version": "4.93-13ubuntu1.5"
        },
        {
            "binary_name": "eximon4-dbgsym",
            "binary_version": "4.93-13ubuntu1.5"
        }
    ]
}