Mailing List Archive | ports@openbsd.org

From:: Stuart Henderson <stu@spacehopper.org>
Subject:: Re: [security] mail/exim 4.98.2 (CVE-2025-30232)
To:: Renaud Allard <renaud@allard.it>
Cc:: ports@openbsd.org
Date:: Wed, 26 Mar 2025 14:20:07 +0000

Download raw body.

Thread

2025-03-26 14:10 Renaud Allard:
[security] mail/exim 4.98.2 (CVE-2025-30232)
- 2025-03-26 14:15 Renaud Allard:
  [security] mail/exim 4.98.2 (CVE-2025-30232)
- - 2025-03-26 14:20 Stuart Henderson:
    [security] mail/exim 4.98.2 (CVE-2025-30232)

On 2025/03/26 15:15, Renaud Allard wrote:
> 
> 
> On 3/26/25 3:10 PM, Renaud Allard wrote:
> > Hello,
> > 
> > Here is a short diff for exim to 4.98.2
> > Tested to build fine on amd64 for 7.6 and -current
> > 
> > This solves CVE-2025-30232.
> > There are no public details about this CVE yet.
> > 
> > Best Regards
> 
> Just for info, the details are now here:
> https://exim.org/static/doc/security/CVE-2025-30232.txt

"details"

https://github.com/Exim/exim/commit/4338bbe48a80dbfb7d75cbb8ac4789b02720f15e
is still light on the explanation but gives more clues

2025-03-26 14:10 Renaud Allard:
[security] mail/exim 4.98.2 (CVE-2025-30232)
- 2025-03-26 14:15 Renaud Allard:
  [security] mail/exim 4.98.2 (CVE-2025-30232)
- - 2025-03-26 14:20 Stuart Henderson:
    [security] mail/exim 4.98.2 (CVE-2025-30232)