Gentoo Linux Security Advisory 201909-6 - Multiple vulnerabilities have been found in Exim, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.92.2 are affected.
11bf1c509fa108ae866846d286c4ffade478a3de5985c2dee80935717df043ad
Debian Linux Security Advisory 4488-1 - Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default (and unusual) configurations where ${sort } expansion is used for items that can be controlled by an attacker.
5bd894cb502f0a1c6aee91997321470689edd511f79126588a1120bddff4d630
Ubuntu Security Notice 4075-1 - Jeremy Harris discovered that Exim incorrectly handled sort expansions. In environments where sort expansions are used, a remote attacker could possibly use this issue to execute arbitrary code as root.
af9a5c43a6ba001d6f9f739c96c14a1101ba928e6aaf880efbaa5758c3abbddc