Update info about CVE and recommendation about update
authorHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Wed, 29 Nov 2017 21:45:12 +0000 (22:45 +0100)
committerHeiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Wed, 29 Nov 2017 21:45:12 +0000 (22:45 +0100)
templates/web/index.xsl

index 25fbf5af617f0b84f9922e6ecad84799a8dbbdf5..3dabc1152ecd869a5b7006786283ee32db388e11 100644 (file)
@@ -45,7 +45,8 @@
       <!-- Version Information -->
          <p id="obsolete_version_info">
 
-            <xsl:text>All versions of Exim previous to version </xsl:text><xsl:value-of select="/content/current_version"/><xsl:text> are now obsolete and everyone is very strongly recommended to upgrade to a current release. The last 3.x release was 3.36. It is obsolete and should not be used.</xsl:text>
+            <xsl:text>All versions of Exim previous to version </xsl:text><xsl:value-of select="/content/current_version"/><xsl:text> are now obsolete. elease. The last 3.x release was 3.36. It is obsolete and should not be used.</xsl:text>
+
          </p>
 
          <p id="version_info">
@@ -53,8 +54,9 @@
             <xsl:value-of select="/content/current_version"/>
          </p>
 
-        <p> We fixed <a href="static/doc/CVE-2016-9963.txt">CVE-2016-9963</a> right now, you are
-        urged to upgrade to 4.88 or to 4.87.1, available from the known download sites.
+        <p> We fixed CVE-2017-16943 and CVE-2017-16944 with this release.
+        To address these two CVEs, please update to 4.89.1 or simply disable
+        the SMTP CHUNKING extension by using <code>chunking_advertise_hosts = </code> in the main configuration section.
         </p>
 
          <p id="beta_version_info">