[Git][security-tracker-team/security-tracker][master] Add assigned CVE for exim4

Tue, 12 May 2026 13:48:13 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d59d413c by Salvatore Bonaccorso at 2026-05-12T22:47:14+02:00
Add assigned CVE for exim4

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -785,13 +785,11 @@ CVE-2026-5089 (YAML::Syck versions before 1.38 for Perl  
has an out-of-bounds re
        NOTE: https://github.com/cpan-authors/YAML-Syck/issues/132
        NOTE: https://github.com/cpan-authors/YAML-Syck/pull/133
        NOTE: Fixed by: 
https://github.com/cpan-authors/YAML-Syck/commit/208a4d3bd1b5cdb4a791a6e3905bd6bd45e9d005
 (1.38)
-CVE-2026-XXXX [Exim-Security-2026-05-01.1: TLS: on rxd close with CHUNKING 
active, clean the input processing stack]
+CVE-2026-45185 [Exim-Security-2026-05-01.1: TLS: on rxd close with CHUNKING 
active, clean the input processing stack]
        - exim4 4.99.2-2
-       [trixie] - exim4 4.98.2-1+deb13u2
-       [bookworm] - exim4 4.96-15+deb12u9
-       [bullseye] - exim4 4.94.2-7+deb11u5
        NOTE: 
https://code.exim.org/exim/exim/commit/040c1ce6889f435206677ed532c9a4185cf0bcaf
        NOTE: https://www.openwall.com/lists/oss-security/2026/05/12/4
+       NOTE: 
https://exim.org/static/doc/security/EXIM-Security-2026-05-01.1/EXIM-Security-2026-05-01.1.txt
 CVE-2026-44931
        - malcontent <not-affected> (Vulnerable code introduced later)
        NOTE: https://www.openwall.com/lists/oss-security/2026/05/11/1


=====================================
data/DLA/list
=====================================
@@ -1,4 +1,5 @@
 [12 May 2026] DLA-4580-1 exim4 - security update
+       {CVE-2026-45185}
        [bullseye] - exim4 4.94.2-7+deb11u5
 [11 May 2026] DLA-4579-1 python-authlib - security update
        {CVE-2026-27962 CVE-2026-28490 CVE-2026-28498}


=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [12 May 2026] DSA-6265-1 exim4 - security update
-       {CVE-2026-40684 CVE-2026-40685 CVE-2026-40686 CVE-2026-40687}
+       {CVE-2026-40684 CVE-2026-40685 CVE-2026-40686 CVE-2026-40687 
CVE-2026-45185}
        [bookworm] - exim4 4.96-15+deb12u9
        [trixie] - exim4 4.98.2-1+deb13u2
 [11 May 2026] DSA-6264-1 dnsmasq - security update



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d59d413c3938d01114174ae33f50b593c81bfd72

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d59d413c3938d01114174ae33f50b593c81bfd72
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to