git://git.exim.org / exim-website.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
chg: mention CVE for 3.97.1
[exim-website.git] / templates / web / index.xsl
diff --git a/templates/web/index.xsl b/templates/web/index.xsl
index 770c5e498b9429a7d1390d0c70d87780d61b863b..33c36cd7f25c343ee923c7c725835485605c9880 100644 (file)
--- a/templates/web/index.xsl
+++ b/templates/web/index.xsl
@@ -31,7 +31,7 @@
                                <a href="https://www.exim.org/">
                                        <img src="i/exim-blue-ld-87x65.png" alt="Exim Logo" width="87" height="65"/>
                                </a>
-                               <xsl:text>Exim is a message transfer agent (MTA) developed at the </xsl:text>
+                               <xsl:text>Exim is a message transfer agent (MTA) originally developed at the </xsl:text>
                                <a href="https://www.cam.ac.uk/" title="University of Cambridge Home page">University of Cambridge</a>
                                <xsl:text> for use on Unix systems connected to the Internet. It is freely available under the terms of the </xsl:text>
                                <a href="https://www.gnu.org/licenses/gpl.html" title="GPL Information">GNU General Public Licence</a>
@@ -47,14 +47,26 @@
 
          <p id="version_info">
             <xsl:text>The current version is </xsl:text> <xsl:value-of select="/content/current_version"/><xsl:text>.</xsl:text> <br/>
-           <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
+       </p>
 
-           <!--
-           This is a security release.  See <a href="{$staticroot}/doc/security/CVE-2020-qualys">CVE-2020-qualys</a> or
-           <a href="https://www.qualys.com/2021/05/04/21nails/21nails.txt">at the reporter's (Qualys) site</a>.
-           -->
+       <p>
+       <xsl:text>This is a security release. It addresses the SMTP smuggling attack to which SMTP servers may be vulnerable. See </xsl:text>
+       <a href="https://bugs.exim.org/show_bug.cgi?id=3063">our bugtracker (Bug 3063)</a>
+       <xsl:text> for further information. Exim got </xsl:text>
+       <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-51766">CVE-2023-51766</a>
+       <xsl:text> assigned for this issue.</xsl:text>
+       </p>
 
-         </p>
+       <p>
+           <xsl:text>If necessary, we publish maintenance releases. These releases are mainly intended for package maintainers.</xsl:text>
+        </p>
+
+        <!--
+         <p>
+           <xsl:text>Currently we're working on a security release. This will be 4.96.1. Please see </xsl:text>
+           <a href="static/doc/security/CVE-2023-zdi.txt">this document for more detailed information.</a>
+       </p>
+       -->
 
          <p id="beta_version_info">
             <xsl:text>There may be beta versions available from the ftp sites in the Testing directory. Many people are using these without problems, but they are not recommended unless you are willing to work with beta software.</xsl:text>
@@ -90,6 +102,12 @@
                   </a>
                   <xsl:text> provide us a Mac Mini for our buildfarm, keeping macOS supported.</xsl:text>
                </li>
+               <li class="sponsor">
+                  <a href="https://schlittermann.de/">
+                     <xsl:text>Schlittermann - Internet &amp; Unix Support</xsl:text>
+                  </a>
+                  <xsl:text> provide us resources for hosting and administering the exim.org infrastructure.</xsl:text>
+               </li>
             </ul>
          </div>
 
Exim website sources and generation scripts