<= Back

AOSA-2016-0038: Update Exim

December 31, 2016

Please update your exim package to version 4.88.

A security vulnerability was recently disclosed that:

"Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTAL_DSN_INFO=yes is used, the key material is included in the bounce message."

And was consequently assigned with CVE-2016-9963.

Relevant documentation:

Copyleft 2011–2023, Members of the Community   |   Site Language