Release date:
2026-05-09 03:35:35 UTC
Description:
- CVE-2026-40685: dewrap() OOB read/write on trailing backslash in JSON header
- CVE-2026-40687: SPA authenticator OOB read/write and base64 decode infoleak
- Refresh Exim-Maintainers-Keyring.asc to verify the 4.99.x release tarball signature
Updated packages:
-
exim-4.99.1-1.el9_2.tuxcare.els1.x86_64.rpm
sha:c0d58603acd8080f724cde75c150a631e17d04be283d604e2115acabc1ab0db3
-
exim-greylist-4.99.1-1.el9_2.tuxcare.els1.x86_64.rpm
sha:99f2b84446aa86b257e31fa333d24b3a27202344869624815f9584d6e5313f98
-
exim-mon-4.99.1-1.el9_2.tuxcare.els1.x86_64.rpm
sha:644b43cd62e3f7324d32a3576d2e063ddca88e3450567701a2c2545808a35ce5
-
exim-mysql-4.99.1-1.el9_2.tuxcare.els1.x86_64.rpm
sha:0e6fff8b69c403a477cf915f2d1857f3ca732eca31e60840f83363c24e0cf27b
-
exim-pgsql-4.99.1-1.el9_2.tuxcare.els1.x86_64.rpm
sha:4daeb8a8e6ccbd3266da8cf1f536f4d8d54d5740bd7b91fbbcfdb26af1f61927
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
