AOSA-2016-0038: UPDATE EXIM

DECEMBER 31, 2016

Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program. – Linus Torvalds

Please update your exim package to version 4.88.

A security vulnerability was recently disclosed that:

“Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTAL_DSN_INFO=yes is used, the key material is included in the bounce message.”

And was consequently assigned with CVE-2016-9963.

Relevant documentation:

1483185290275