Exim: CVE-2025-26794: upcoming security release

[Heiko Schlittermann <hs () nodmarc schlittermann de>]

CVE-2025-26794

Dear Exim users,

we got a vulnerability report and are going to release a security
release on Friday, Feb 21th, 2025, at 12:00 UTC (coordinated
release date).

Distribution packagers are informed already.

The reported vulnerability is limited to the current Exim version 4.98.
Older versions are not affected.

Please understand that we don't share any further details yet.

The new version 4.98.1 *will* be available

via Git (branch exim-4.98+fixes, tag exim-4.98.1):
  https://code.exim.org/exim/exim.git (master repo)
  https://code.exim.org/exim/exim/releases/tag/exim-4.98.1

  https://github.com/exim/exim.git    (mirrored repo)
  https://github.com/Exim/exim/releases/tag/exim-4.98.1

as tarball:
  https://downloads.exim.org/exim4/

Commits and tarballs are signed by me, with the same key that I'm using
to sign this message.

(In case you're building directly from our master branch: there are no
patches to the master branch yet.)

Thank you for using Exim.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -

Attachment: signature.asc
Description: