USN-4934-1: Exim vulnerabilities
4 May 2021
Several security issues were fixed in Exim.
Releases
Packages
- exim4 - Exim is a mail transport agent
Details
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04
-
exim4-base
-
4.94-15ubuntu1.2
-
exim4-daemon-heavy
-
4.94-15ubuntu1.2
-
exim4-daemon-light
-
4.94-15ubuntu1.2
Ubuntu 20.10
-
exim4-base
-
4.94-7ubuntu1.2
-
exim4-daemon-heavy
-
4.94-7ubuntu1.2
-
exim4-daemon-light
-
4.94-7ubuntu1.2
Ubuntu 20.04
-
exim4-base
-
4.93-13ubuntu1.5
-
exim4-daemon-heavy
-
4.93-13ubuntu1.5
-
exim4-daemon-light
-
4.93-13ubuntu1.5
Ubuntu 18.04
-
exim4-base
-
4.90.1-1ubuntu1.8
-
exim4-daemon-heavy
-
4.90.1-1ubuntu1.8
-
exim4-daemon-light
-
4.90.1-1ubuntu1.8
In general, a standard system update will make all the necessary changes.
References
- CVE-2020-28022
- CVE-2020-28026
- CVE-2020-28009
- CVE-2020-28012
- CVE-2020-28018
- CVE-2020-28014
- CVE-2020-28015
- CVE-2020-28024
- CVE-2020-28017
- CVE-2020-28025
- CVE-2020-28011
- CVE-2020-28008
- CVE-2020-28013
- CVE-2020-28007
- CVE-2020-28010
- CVE-2020-28019
- CVE-2020-28016
- CVE-2020-28023
- CVE-2020-28020
- CVE-2020-28021
- CVE-2021-27216
Related notices
- USN-4934-2: exim4-base, exim4-dev, exim4, eximon4, exim4-daemon-heavy, exim4-daemon-light, exim4-config