Errata overview
Errata ID 293
Date 2018-02-14
Source package exim4
Fixed in version 4.84.2-2+deb8u5A~
This update addresses the following issues:
* Exim supports the use of multiple "-p" command line arguments which are
  malloc()'ed and never free()'ed, used in conjunction with other issues
  allows attackers to cause arbitrary code execution. (CVE-2017-1000369)
* An issue was discovered in the SMTP listener in Exim 4.90 and earlier. By
  sending a handcrafted message, a buffer overflow may happen in a specific
  function. This can be used to execute code remotely. (CVE-2018-6789)
Additional notes
CVE ID CVE-2017-1000369
UCS Bug number #44861