diff -Nru exim4-4.80/debian/changelog exim4-4.80/debian/changelog
--- exim4-4.80/debian/changelog	2017-06-25 02:58:51.000000000 +0200
+++ exim4-4.80/debian/changelog	2018-02-10 16:33:41.000000000 +0100
@@ -1,3 +1,10 @@
+exim4 (4.80-7+deb7u6) wheezy-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix base64d() buffer size (CVE-2018-6789) (Closes: #890000)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 10 Feb 2018 16:33:41 +0100
+
 exim4 (4.80-7+deb7u5) wheezy-security; urgency=medium
 
   * Non-maintainer upload by the Debian LTS team.
diff -Nru exim4-4.80/debian/patches/92_Fix-base64d-buffer-size-CVE-2018-6789.patch exim4-4.80/debian/patches/92_Fix-base64d-buffer-size-CVE-2018-6789.patch
--- exim4-4.80/debian/patches/92_Fix-base64d-buffer-size-CVE-2018-6789.patch	1970-01-01 01:00:00.000000000 +0100
+++ exim4-4.80/debian/patches/92_Fix-base64d-buffer-size-CVE-2018-6789.patch	2018-02-10 16:33:41.000000000 +0100
@@ -0,0 +1,29 @@
+Description: Fix base64d() buffer size (CVE-2018-6789)
+ Credits for discovering this bug: Meh Chang <meh@devco.re>
+Origin: vendor
+Bug-Debian: https://bugs.debian.org/890000
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-6789
+Forwarded: not-needed
+Author: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Last-Update: 2018-02-10
+---
+
+--- a/src/auths/b64decode.c
++++ b/src/auths/b64decode.c
+@@ -42,10 +42,14 @@ static uschar dec64table[] = {
+ int
+ auth_b64decode(uschar *code, uschar **ptr)
+ {
++
+ register int x, y;
+-uschar *result = store_get(3*(Ustrlen(code)/4) + 1);
++uschar *result;
+ 
+-*ptr = result;
++{
++  int l = Ustrlen(code);
++  *ptr = result = store_get(1 + l/4 * 3 + l%4);
++}
+ 
+ /* Each cycle of the loop handles a quantum of 4 input bytes. For the last
+ quantum this may decode to 1, 2, or 3 output bytes. */
diff -Nru exim4-4.80/debian/patches/series exim4-4.80/debian/patches/series
--- exim4-4.80/debian/patches/series	2017-06-25 02:21:29.000000000 +0200
+++ exim4-4.80/debian/patches/series	2018-02-10 16:33:41.000000000 +0100
@@ -23,3 +23,4 @@
 89_03_Fix_initial_cwd_expansion.diff
 90_Fix-DKIM-information-leakage.patch
 91_CVE-2017-1000369.patch
+92_Fix-base64d-buffer-size-CVE-2018-6789.patch