One of these requires having the spa challenge authentication method active, which concerns NTLM passwords. I’m going to guess that approximately zero currently running exim mailservers are using this authentication method. It’s not even mentioned in the default Debian configuration files.<p>Another is a stack overflow, which will hopefully be caught be the stack-protector hardening on Debian/Ubuntu.<p>Which leaves the worst of them - the buffer overflow :(
The site makes it appear Exim never took action on their info to them more than a year ago.<p>other: <a href="https://security-tracker.debian.org/tracker/CVE-2023-42115" rel="nofollow noreferrer">https://security-tracker.debian.org/tracker/CVE-2023-42115</a>