Release date: 2026-05-05 17:52:50 UTC
Description:
* SECURITY UPDATE: out-of-bounds read in DNS reverse-lookup escape
  decoding when running against musl libc
  - debian/patches/CVE-2026-40684.patch: harden string_copy_dnsdomain()
    to consume 1, 2, or 3 digits incrementally instead of indexing past
    the input string when fewer than 3 digits follow a backslash escape
  - CVE-2026-40684
* SECURITY UPDATE: out-of-bounds heap write in JSON dewrap on malformed
  header value ending in a trailing backslash
  - debian/patches/CVE-2026-40685.patch: only skip a backslash in
    dewrap() when followed by a non-NUL character
  - CVE-2026-40685
* SECURITY UPDATE: SPA authenticator out-of-bounds write and
  uninitialised-heap information disclosure
  - debian/patches/CVE-2026-40687.patch: zero the spa_base64_to_bits()
    output buffer to plug the infoleak; replace assert()-based length
    guards in unicodeToString(), strToUnicode(), and toString() with
    explicit length clamping to prevent OOB writes
  - CVE-2026-40687
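
The fixes described for CVE-2026-40684 (consume 1, 2, or 3 digits one at a time) and CVE-2026-40685 (skip a backslash only when a non-NUL character follows) share one rule: check each byte before advancing past it. The block below is an added example of that rule with an explicit output-length clamp; it is not Exim's code or the patches themselves, and `decode_escapes()`, its return convention and the sample inputs are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not Exim source. decode_escapes() is a hypothetical
   helper: it decodes "\DDD" (1 to 3 decimal digits) and "\c" escapes from
   the NUL-terminated `in` into `out` (capacity `outlen`, terminator included).
   Returns the decoded length, or -1 if it will not fit or a value exceeds 255. */
static int is_dec(char c) { return c >= '0' && c <= '9'; }

long decode_escapes(const char *in, char *out, size_t outlen)
{
    size_t n = 0;
    if (outlen == 0) return -1;
    while (*in != '\0') {
        unsigned char ch = (unsigned char)*in++;
        if (ch == '\\' && *in != '\0') {        /* never step over the NUL */
            if (is_dec(*in)) {
                unsigned val = 0;
                /* One digit at a time: every read is guarded by is_dec(), so
                   a short escape such as "\4" at the end stops at the NUL. */
                for (int i = 0; i < 3 && is_dec(*in); i++)
                    val = val * 10 + (unsigned)(*in++ - '0');
                if (val > 255) return -1;
                ch = (unsigned char)val;
            } else {
                ch = (unsigned char)*in++;      /* "\." -> "." */
            }
        }
        /* A backslash that is the last character reaches this point
           unchanged and is copied literally instead of being skipped. */
        if (n + 1 >= outlen) return -1;         /* clamp: keep room for NUL */
        out[n++] = (char)ch;
    }
    out[n] = '\0';
    return (long)n;
}

int main(void)
{
    /* Constructed inputs: full escape, short escape at end, trailing backslash */
    const char *samples[] = { "a\\046b", "x\\4", "x\\" };
    char buf[16];
    for (size_t i = 0; i < 3; i++)
        printf("%ld\n", decode_escapes(samples[i], buf, sizeof buf));
    return 0;
}
```
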
Updated packages:
- exim4_4.93-13ubuntu1.12+tuxcare.els1_all.deb
  sha:92f33be4c5fa17d5512aceabb80a04d0a175140d
- exim4-base_4.93-13ubuntu1.12+tuxcare.els1_amd64.deb
  sha:bbf2accdb9f6537edea0b8f780a4d147c8b55281
- exim4-config_4.93-13ubuntu1.12+tuxcare.els1_all.deb
  sha:db7a8793dedb0705d2661bf12f60044cf9abcfc5
- exim4-daemon-heavy_4.93-13ubuntu1.12+tuxcare.els1_amd64.deb
  sha:746a0da28111f8e564fe754d95726c3b3325418e
- exim4-daemon-light_4.93-13ubuntu1.12+tuxcare.els1_amd64.deb
  sha:ada5266d7d9872c46aa6ff12b9e2f75f94a04acc
- exim4-dev_4.93-13ubuntu1.12+tuxcare.els1_amd64.deb
  sha:26d8ec65c6be662ee64f5f77257acdd054fc95ad
- eximon4_4.93-13ubuntu1.12+tuxcare.els1_amd64.deb
  sha:8ee5f7afb2104cbbde0cb6314b272928a2765ea9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.