drop the security issue hint, it is wrong for 4.98
[exim-website.git] / templates / web / index.xsl
index c7ce531681fbf4914bc2b4b8b14457eccafc2f87..937c0516b8cd75ee93fd336c193ce3164d9a6722 100644 (file)
 
                        <h2>Latest Version: <xsl:value-of select="/content/current_version"/></h2>
 
 
                        <h2>Latest Version: <xsl:value-of select="/content/current_version"/></h2>
 
-                       Currently we're working on a security release. This will be 4.96.1. Please
-                       see <a href="static/doc/security/CVE-2023-zdi.txt">this document for more detailed information.</a>
-
-
                 <!-- Summary -->
                        <p id="summary">
                                <a href="https://www.exim.org/">
                 <!-- Summary -->
                        <p id="summary">
                                <a href="https://www.exim.org/">
 
          <p id="version_info">
             <xsl:text>The current version is </xsl:text> <xsl:value-of select="/content/current_version"/><xsl:text>.</xsl:text> <br/>
 
          <p id="version_info">
             <xsl:text>The current version is </xsl:text> <xsl:value-of select="/content/current_version"/><xsl:text>.</xsl:text> <br/>
+       </p>
+
+       <p>
+       <!--
+       <xsl:text>This is a security release. It addresses the SMTP smuggling attack to which SMTP servers may be vulnerable. See </xsl:text>
+       <a href="https://bugs.exim.org/show_bug.cgi?id=3063">our bugtracker (Bug 3063)</a>
+       <xsl:text> for further information. Exim got </xsl:text>
+       <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-51766">CVE-2023-51766</a>
+       <xsl:text> assigned for this issue.</xsl:text>
+       </p>
+       -->
+
+       <p>
            <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
            <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
-
-           <!--
-           This is a security release.  See <a href="{$staticroot}/doc/security/CVE-2020-qualys">CVE-2020-qualys</a> or
-           <a href="https://www.qualys.com/2021/05/04/21nails/21nails.txt">at the reporter's (Qualys) site</a>.
-           -->
-
-         </p>
+        </p>
+
+        <!--
+         <p>
+           <xsl:text>Currently we're working on a security release. This will be 4.96.1. Please see </xsl:text>
+           <a href="static/doc/security/CVE-2023-zdi.txt">this document for more detailed information.</a>
+       </p>
+       -->
 
          <p id="beta_version_info">
             <xsl:text>There may be beta versions available from the ftp sites in the Testing directory. Many people are using these without problems, but they are not recommended unless you are willing to work with beta software.</xsl:text>
 
          <p id="beta_version_info">
             <xsl:text>There may be beta versions available from the ftp sites in the Testing directory. Many people are using these without problems, but they are not recommended unless you are willing to work with beta software.</xsl:text>