Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).
openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Tumbleweed SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 SUSE Package Hub for SUSE Linux Enterprise 15 SP1