I’m writing to inform you of a problem with Exim, a mail transfer agent that is used by more than 3 million mail servers globally.
Exim has significant vulnerabilities (notably CVE-2023-42115, CVE-2023-42116, and CVE-2023-42117), which means that if you use Exim your system could be exposed to unauthorized remote code execution. This could allow malicious code that is complex and difficult to detect to be put into your system.
The vulnerabilities allow remote code execution. The good is that Exim has released a patch. It is important to install updated version exim-4.96.1.
