-exim4 (4.89-2+deb9u3~bpo8+1) jessie-backports; urgency=medium
+exim4 (4.89-2+deb9u6~hcoop11) unstable; urgency=medium
- * Rebuild for jessie-backports.
- * b-d on libmysqlclient-dev | libmysqlclient15-dev instead of
- default-libmysqlclient-dev.
+ * New upstream security release
- -- Andreas Metzler <ametzler@debian.org> Sun, 25 Feb 2018 15:26:27 +0100
+ -- Clinton Ebadi <clinton@unknownlamer.org> Fri, 06 Sep 2019 14:23:08 -0400
+
+exim4 (4.89-2+deb9u6) stretch-security; urgency=high
+
+ * 85_01-string.c-do-not-interpret-before-0-CVE-2019-15846.patch Fix SNI
+ related buffer overflow. CVE-2019-15846
+
+ -- Andreas Metzler <ametzler@debian.org> Tue, 03 Sep 2019 20:01:38 +0200
+
+exim4 (4.89-2+deb9u5) stretch-security; urgency=high
+
+ * Fix remote command execution vulnerability related to
+ "${sort}"-expansion. CVE-2019-13917 OVE-20190718-0006
+
+ -- Andreas Metzler <ametzler@debian.org> Sat, 20 Jul 2019 13:32:35 +0200
+
+exim4 (4.89-2+deb9u4~hcoop10) unstable; urgency=medium
+
+ * Rebuild on 4.89-2+deb9u4
+
+ -- Clinton Ebadi <clinton@unknownlamer.org> Thu, 06 Jun 2019 19:35:28 -0400
+
+exim4 (4.89-2+deb9u4) stretch-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix remote command execution vulnerability (CVE-2019-10149)
+
+ -- Salvatore Bonaccorso <carnil@debian.org> Tue, 28 May 2019 22:13:55 +0200
exim4 (4.89-2+deb9u3) stretch-security; urgency=high