From e90fcc54809db2591dc083f43ef54c6ec8c60847 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 18:16:13 +0200 Subject: Adding upstream version 4.96. Signed-off-by: Daniel Baumann --- doc/cve-2019-15846/posting-1.txt | 59 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 doc/cve-2019-15846/posting-1.txt (limited to 'doc/cve-2019-15846/posting-1.txt') diff --git a/doc/cve-2019-15846/posting-1.txt b/doc/cve-2019-15846/posting-1.txt new file mode 100644 index 0000000..d22b85c --- /dev/null +++ b/doc/cve-2019-15846/posting-1.txt 
@@ -0,0 +1,59 @@ +To: oss-security@lists.openwall.com, exim-users@exim.org, + exim-announce@exim.org +From: [ do not use a dmarc protected sender ] + +*** Note: EMBARGO is still in effect *** +*** Distros must not publish any detail yet *** + +Head up! Security release ahead! + +CVE ID: CVE-2019-15846 +Version(s): up to and including 4.92.1 +Issue: A local or remote attacker can execute programs with root + privileges. +Details: Will be made public at CRD. + +Coordinated Release Date (CRD) for Exim 4.92.2: 2019-09-06 10:00 UTC + +Contact: security@exim.org + +Proposed Timeline +================= + +2019-09-03: + - initial notification to distros@openwall.org and + exim-maintainers@exim.org + +2019-09-04: <-- NOW + - This Heads-up notice to oss-security@lists.openwall.com, + exim-users@exim.org, and exim-announce@exim.org + +2019-09-06 10:00 UTC: + - Coordinated relase date + - Publish the patches in our official and public Git repositories + and the packages on our FTP server. + +Downloads available starting at CRD +==================================== + +The downloads are not yet available. They will be made available +at the above mentioned CRD. + +Release tarballs (exim-4.92.2): + + https://ftp.exim.org/pub/exim/exim4/ + +The package files are signed with my GPG key. + +The full Git repo: + + https://git.exim.org/exim.git + https://github.com/Exim/exim [mirror of the above] + - tag exim-4.92.2 + - branch exim-4.92.2+fixes + +The tagged commit is the officially released version. The tag is signed +with my GPG key. The +fixes branch isn't officially maintained, but +contains useful patches *and* the security fix. The relevant commit is +signed with my GPG key. The old exim-4.92.1+fixes branch is being functionally +replaced by the new exim-4.92.2+fixes branch. -- cgit v1.2.3
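Review bot: The three "signed with my GPG key" statements in the Downloads section do not identify the key, because the From: header at the top of the file is still the placeholder "[ do not use a dmarc protected sender ]" and no key ID or fingerprint appears anywhere in the posting. Name the signer and give the full key fingerprint next to the tarball URL, so that readers can check the tarballs, the exim-4.92.2 tag and the fix commit on the +fixes branch against one specific key rather than whichever key happens to be attached to a download. Two wording points in the same file: "Coordinated relase date" in the 2019-09-06 timeline entry should read "Coordinated release date", and "Head up!" in the opening line looks like it was meant to be "Heads up!".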