diff --git a/exim-4.98.2.tar.bz2 b/exim-4.98.2.tar.bz2
new file mode 100644
index 0000000..d2828ea
--- /dev/null
+++ b/exim-4.98.2.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:14d7ead473394c8712f2d28835ea93c475603cbc2b3200b6188eac8782985cf1
+size 2098693
diff --git a/exim-4.98.2.tar.bz2.asc b/exim-4.98.2.tar.bz2.asc
new file mode 100644
index 0000000..e0f98b1
--- /dev/null
+++ b/exim-4.98.2.tar.bz2.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEqYbzpr1jd9hzCVjevOWMjOQfMt8FAmfigfYACgkQvOWMjOQf
+Mt9fWQgApDcF+KKjAXLVvFfWaux6/W0lzuB/qmChAo/g5yRDz7edEa15qSEvL4zu
+CfNxtl6Fu0rSBe0LDB280vh0FzzhBM9Slh0YRB92QJRwNuDXYMj0UMAx02z96y1/
+Y2V1uInVvwXIQCpNHSSEiwI1H9AWBECxr1d4CqXCmC5zmpFUC6WJbKJITaPB32cv
+/80gK7SWdmlFkjnu2M1bf1vwtrWGKIhKjHDFDw9nDGRH+cZ3Pvpi/BY29fsnLAQ2
+naEVfLQxCkm/GMgnCZMreVP3JEvC5EaZTHPuPNg/cbTrXX1x6rp0RQZIGLdCU2eQ
+IUloivrG73Yw4Fg2IT0gx2rE8oAPbA==
+=rFUA
+-----END PGP SIGNATURE-----
diff --git a/exim-4.98.tar.bz2 b/exim-4.98.tar.bz2
deleted file mode 100644
index 077f068..0000000
--- a/exim-4.98.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:acfd93f6e4a38e4887867614770ea062b2453ed93e355772adeae6c6598b0d92
-size 2099901
diff --git a/exim-4.98.tar.bz2.asc b/exim-4.98.tar.bz2.asc
deleted file mode 100644
index aeaf241..0000000
--- a/exim-4.98.tar.bz2.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQFEBAABCAAuFiEEqYbzpr1jd9hzCVjevOWMjOQfMt8FAmaOn7MQHGpnaEB3aXpt
-YWlsLm9yZwAKCRC85YyM5B8y36inB/4w0K3tt2qwd2167bMznkc1iPt8CXiyP4CM
-Q8MpROT6djkLPmt6/TdL64GC8u2mPexagNhSAWWxkqjAvHLsuqow2yU6y6+0xcPh
-14FlokH7rO1CL0YczPLvxNVhGRLKT2YDso92qWGZJ8Bw5Vk+D4sbu5aXrkFCSgRf
-ia/J+O6TrYzrOGDNrPboH36+7eQdK9gsZAQDJhusXL/3UXmUhKR6KMn0UPxpk1kQ
-uDgF12/GXOIFbwqyrW03ToAiOISd4b2hNmdafm+uQIl7R0K2c/Z0D7i6FliDQzXI
-4Uu5N7yvFGQ0bsYjG4fW23oiwAPS5y93w0Ah1Ka7ES+8sIrmdQFp
-=vIcz
------END PGP SIGNATURE-----
diff --git a/exim.changes b/exim.changes
index f085179..9970102 100644
--- a/exim.changes
+++ b/exim.changes
@@ -1,3 +1,41 @@
+-------------------------------------------------------------------
+Fri Jun  6 11:34:28 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
+
+- fix issues with permissions (bsc#1240755):
+  * add su mail mail option to exim.logrotate
+  * add %verify_permissions -e /var/spool/mail/
+  * add trailing slash
+    %set_permissions /var/spool/mail/
+
+-------------------------------------------------------------------
+Tue May 20 14:13:09 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
+
+- fix issues with permissions (bsc#1240755):
+  * remove /usr/sbin/exim from permissions.exim file
+  * add set_permissions entry for /var/spool/mail to spec file in
+    post section
+
+-------------------------------------------------------------------
+Fri May 16 10:18:21 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
+
+- fix installation of permissions.exim file in /etc/permissions.d/ directory if
+  suse_version is set (bsc#1240755)
+
+-------------------------------------------------------------------
+Thu Mar 27 14:41:49 UTC 2025 - Alexander Bergmann <abergmann@suse.com>
+
+- security release 4.98.2 for CVE-2025-30232 (bsc#1239794)
+  * Fixed use-after-free with potential for privilege escalation. 
+- security release 4.98.1 for CVE-2025-26794 (bsc#1237424)
+  * Fixed remote SQL injection when SQLite hints and ETRN serialization
+    are used.
+
+-------------------------------------------------------------------
+Tue Mar 11 08:41:22 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
+
+- Adding directory /var/spool/mail/ to permissions file /etc/permissions.d/exim
+  as required by rpmlint (bsc#123625)
+
 -------------------------------------------------------------------
 Mon Nov 18 13:11:39 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
 
@@ -88,6 +126,7 @@ Wed Jun 29 14:20:50 UTC 2022 - Stefan Schubert <schubi@suse.com>
 - Moved logrotate files from user specific directory /etc/logrotate.d
   to vendor specific directory /usr/etc/logrotate.d.
 
+-------------------------------------------------------------------
 Mon Jun 27 08:33:59 UTC 2022 - Peter Wullinger <wullinger@rz.uni-kiel.de>
 
 - update to exim 4.96
diff --git a/exim.logrotate b/exim.logrotate
index 5af9712..e7166e3 100644
--- a/exim.logrotate
+++ b/exim.logrotate
@@ -1,4 +1,5 @@
 /var/log/exim/main.log {
+        su mail mail
 	compress
 	dateext
 	notifempty
@@ -28,6 +29,7 @@
 }
 
 /var/log/exim/reject.log {
+        su mail mail
 	compress
 	dateext
 	notifempty
@@ -39,6 +41,7 @@
 }
 
 /var/log/exim/panic.log {
+        su mail mail
 	compress
 	dateext
 	notifempty
diff --git a/exim.spec b/exim.spec
index 5836035..93df430 100644
--- a/exim.spec
+++ b/exim.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package exim
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -31,7 +31,7 @@
 %bcond_with     dane
 %endif
 Name:           exim
-Version:        4.98
+Version:        4.98.2
 Release:        0
 Summary:        The Exim Mail Transfer Agent, a Replacement for sendmail
 License:        GPL-2.0-or-later
@@ -361,6 +361,9 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_distconfdir}/logrotate.d/exim
 %else
 install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/exim
 %endif
+%if 0%{?suse_version}
+install -D -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/permissions.d/%{name}
+%endif
 # man pages
 mv doc/exim.8 %{buildroot}/%{_mandir}/man8/
 cp $RPM_SOURCE_DIR/exim_db.8.gz %{buildroot}/%{_mandir}/man8
@@ -441,6 +444,7 @@ done
 %run_permissions
 %else
 %set_permissions %{_sbindir}/exim
+%set_permissions /var/spool/mail/
 %endif
 if ! test -s etc/exim/exim.conf; then
 	if test -s etc/exim.conf; then
@@ -479,6 +483,7 @@ exit 0
 
 %verifyscript
 %verify_permissions -e %{_sbindir}/exim
+%verify_permissions -e /var/spool/mail/
 
 %files
 %ghost %{_docdir}/%{name}/doc/cve-2019-13917.rpmmoved
@@ -510,7 +515,7 @@ exit 0
 %else
 %config(noreplace) %{_sysconfdir}/logrotate.d/exim
 %endif
-%if %{?suse_version:%suse_version}%{?!suse_version:99999} < 1000
+%if 0%{?suse_version}
 %config(noreplace) %{_sysconfdir}/permissions.d/exim
 %endif
 %dir %{_datadir}/apparmor
diff --git a/permissions.exim b/permissions.exim
index 1927d3c..1ecd24f 100644
--- a/permissions.exim
+++ b/permissions.exim
@@ -1,2 +1 @@
-/usr/sbin/exim			root:root	4755
-
+/var/spool/mail/		root:root	1777