CentOS 6.X need upgrade the last Exim version. The actual last version is obsolete!

[peopleinside]

Hi,
from exim.org

All versions of Exim previous to version 4.87 are now obsolete and everyone is very strongly recommended to upgrade to a current release. The last 3.x release was 3.36. It is obsolete and should not be used.

The current version is 4.87

In CentOs 6.X the last Exim avaiable is 4.72 who is a very old version. Also if is patched can have security issue, please upgrade it to the last.
Bug Issue reported to RedHat https://bugzilla.redhat.com/show_bug.cgi?id=1357417

[TrevorH]

CentOS does not supply exim at all except in CentOS 5 which is nearly obsolete. You would need to report this to EPEL via bugzilla.redhat.com in the Fedora EPEL section. However, be aware that in common with RHEL/CentOS philosophy, exim from EPEL carries additional security patches on top of its notional version number and those fixes are detailed in the rpm changelog. I ran repoquery --changelog exim | less but if you have it installed then you can just use rpm -q --changelog exim | less to see:

Code: Select all

* Thu Jun 09 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 4.84.2-3
- Allow configuration of user:group through sysconfig
  Resolves: rhbz#1344250

* Mon Apr 18 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 4.84.2-2
- Used sane environment defaults in default configuration
  Resolves: rhbz#1323775

* Thu Mar 24 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 4.84.2-1
- New version
  Resolves: rhbz#1314118
- Fixed local privilege escalation for set-uid root when using perl_startup
  Resolves: CVE-2016-1531

* Fri Feb 12 2016 Jaroslav Škarvada <jskarvad@redhat.com> - 4.72-8
- Backported openssl_options to e.g. disable SSLv3
  Resolves: rhbz#1274822

[peopleinside]

Thank you!