I've uploaded Exim 4.87.1 to:
ftp://ftp.exim.org/pub/exim/exim4/old/
git://git.exim.org/exim.git (tag exim-4_87_1)
Whilst this release is superseeded by 4.88 already, you're urged
to upgrade to 4.87.1, if 4.88 isn't an option for you yet.
No features are added or removed. This release contains
just a fix for CVE-2016-9963
- Fix CVE-2016-9963 - Info leak from DKIM. When signing DKIM, if
either LMTP or PRDR was used for delivery, the key could appear in
logs. Additionally, if the experimental feature "DSN_INFO" was used,
it could appear in DSN messages (and be sent offsite).
For details about the CVE please see
https://exim.org/static/doc/CVE-2016-9963.txt
The release files for 4.87.1 are signed with the PGP key 0xF69376CE,
which has a uid "Heiko Schlittermann (HS12-RIPE) <hs@???>".
Please use your own discretion in assessing what trust paths you might
have to this uid.
In case on any problems please contact us on exim-users@???
or on the IRC channel #exim at freenode.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -