On Mon, Oct 16, 2023 at 04:51:03PM +0000, Debian Bug Tracking System wrote: > This is an automatic notification regarding your Bug report > which was filed against the exim4-base package: > > #1053310: exim4-base: Various severe CVE reports are outstanding > > It has been closed by Debian FTP Masters <ftpmas...@ftp-master.debian.org> > (reply to Andreas Metzler <ametz...@debian.org>). > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Debian FTP Masters > <ftpmas...@ftp-master.debian.org> (reply to Andreas Metzler > <ametz...@debian.org>) by > replying to this email. > > > -- > 1053310: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053310 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems
> From: Debian FTP Masters <ftpmas...@ftp-master.debian.org> > Reply-To: Andreas Metzler <ametz...@debian.org> > Date: Mon, 16 Oct 2023 16:49:09 +0000 > To: 1053310-cl...@bugs.debian.org > Subject: Bug#1053310: fixed in exim4 4.97~RC2-2 > Message-Id: <e1qsqmd-006pnp...@fasolo.debian.org> > > Source: exim4 > Source-Version: 4.97~RC2-2 > Done: Andreas Metzler <ametz...@debian.org> > > We believe that the bug you reported is fixed in the latest version of > exim4, which is due to be installed in the Debian FTP archive. > > A summary of the changes between this version and the previous one is > attached. > > Thank you for reporting the bug, which will now be closed. If you > have further comments please address them to 1053...@bugs.debian.org, > and the maintainer will reopen the bug report if appropriate. > > Debian distribution maintenance software > pp. > Andreas Metzler <ametz...@debian.org> (supplier of updated exim4 package) > > (This message was generated automatically at their request; if you > believe that there is a problem with it please contact the archive > administrators by mailing ftpmas...@ftp-master.debian.org) > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Format: 1.8 > Date: Mon, 16 Oct 2023 18:26:40 +0200 > Source: exim4 > Architecture: source > Version: 4.97~RC2-2 > Distribution: unstable > Urgency: high > Maintainer: Exim4 Maintainers <pkg-exim4-maintain...@lists.alioth.debian.org> > Changed-By: Andreas Metzler <ametz...@debian.org> > Closes: 1053310 > Changes: > exim4 (4.97~RC2-2) unstable; urgency=high > . > * 76_changesfrom_4.96.2.diff: Pull fixes for CVE-2023-42117 and > CVE-2023-41227 from upstream GIT master. Closes: #1053310 This should have been CVE-2023-42117 and CVE-2023-42119 AFAICT. Regards, Salvatore
