drop the security issue hint, it is wrong for 4.98
[exim-website.git] / templates / web / index.xsl
index e56d28d3516768b8934ab1e39d9d35b9d4122de0..937c0516b8cd75ee93fd336c193ce3164d9a6722 100644 (file)
 
          <p id="version_info">
             <xsl:text>The current version is </xsl:text> <xsl:value-of select="/content/current_version"/><xsl:text>.</xsl:text> <br/>
 
          <p id="version_info">
             <xsl:text>The current version is </xsl:text> <xsl:value-of select="/content/current_version"/><xsl:text>.</xsl:text> <br/>
-           <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
        </p>
 
        <p>
        </p>
 
        <p>
-       <xsl:text>This is a security release. You should upgrade as soon as possible. Please see </xsl:text>
-        <a href="static/doc/security/CVE-2023-zdi.txt">this document for more detailed information.</a>
+       <!--
+       <xsl:text>This is a security release. It addresses the SMTP smuggling attack to which SMTP servers may be vulnerable. See </xsl:text>
+       <a href="https://bugs.exim.org/show_bug.cgi?id=3063">our bugtracker (Bug 3063)</a>
+       <xsl:text> for further information. Exim got </xsl:text>
+       <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-51766">CVE-2023-51766</a>
+       <xsl:text> assigned for this issue.</xsl:text>
        </p>
        </p>
+       -->
+
+       <p>
+           <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
+        </p>
 
         <!--
          <p>
 
         <!--
          <p>