Add the following contents to the named file, creating it if necessary.# # The exim4 package # deb http://repo.bytemark.co.uk/exim4/etch ./ deb-src http://repo.bytemark.co.uk/exim4/etch ./
Then run:apt-get update apt-get upgrade
The version of exim4 included in Debian's oldstable / etch release is no longer supported by the Debian Security Team. Ideally all users of etch should upgrade to the currently supported release, code-named lenny.
However for those users who still use etch the package here fixes the most severe of the two known problems with exim4:
A remote buffer overflow, allowing the execution of arbitrary code as the user Debian-exim. This bug is fixed in the package available here.
A privilege escelation allowing the attacker to jump from running code as Debian-exim to running code as root. This bug is not fixed in our package.
Should you receive warnings about the repository signature having an unknown key please import the following signing key.