[ubuntu/kinetic-security] exim4 4.96-3ubuntu1.1 (Accepted)

[Marc Deslauriers]

exim4 (4.96-3ubuntu1.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: use after free in regex handler
    - debian/patches/CVE-2022-3559-1.patch: properly clear references in
      src/exim.c, src/expand.c, src/functions.h, src/globals.c,
      src/regex.c, src/smtp_in.c.
    - debian/patches/CVE-2022-3559-2.patch: fix non-WITH_CONTENT_SCAN build
      in src/exim.c, src/regex.c.
    - debian/patches/CVE-2022-3559-3.patch: fix non-WITH_CONTENT_SCAN build
      in src/exim.c, src/functions.h, src/globals.h, src/regex.c,
      src/smtp_in.c.
    - debian/patches/CVE-2022-3559-4.patch: fix non-WITH_CONTENT_SCAN build
      in src/expand.c.
    - CVE-2022-3559

Date: 2022-11-23 18:17:10.771763+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/exim4/4.96-3ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.