From: Heiko Schlittermann (HS12-RIPE) Date: Wed, 29 Nov 2017 21:45:12 +0000 (+0100) Subject: Update info about CVE and recommendation about update X-Git-Url: https://git.exim.org/exim-website.git/commitdiff_plain/590c6a89f63ffffe791cc3cb9fd9fe02f2d9be8a Update info about CVE and recommendation about update --- diff --git a/templates/web/index.xsl b/templates/web/index.xsl index 25fbf5a..3dabc11 100644 --- a/templates/web/index.xsl +++ b/templates/web/index.xsl @@ -45,7 +45,8 @@

- All versions of Exim previous to version are now obsolete and everyone is very strongly recommended to upgrade to a current release. The last 3.x release was 3.36. It is obsolete and should not be used. + All versions of Exim previous to version are now obsolete. elease. The last 3.x release was 3.36. It is obsolete and should not be used. +

@@ -53,8 +54,9 @@

-

We fixed CVE-2016-9963 right now, you are - urged to upgrade to 4.88 or to 4.87.1, available from the known download sites. +

We fixed CVE-2017-16943 and CVE-2017-16944 with this release. + To address these two CVEs, please update to 4.89.1 or simply disable + the SMTP CHUNKING extension by using chunking_advertise_hosts = in the main configuration section.