diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index c66d7d5c9f..013d8a1401 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=exim
-PKG_VERSION:=4.94
-PKG_RELEASE:=2
+PKG_VERSION:=4.94.2
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://ftp.exim.org/pub/exim/exim4/
-PKG_HASH:=f77ee8faf04f5db793243c3ae81c1f4e452cd6ad7dd515a80edf755c4b144bdb
+PKG_HASH:=051861fc89f06205162f12129fb7ebfe473383bb6194bf8642952bfd50329274
 PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
 
 PKG_LICENSE:=GPL-2.0-or-later
diff --git a/mail/exim/patches/020-use-correct-printf-format-for-size-t.patch b/mail/exim/patches/020-use-correct-printf-format-for-size-t.patch
deleted file mode 100644
index 6dc3c1bf78..0000000000
--- a/mail/exim/patches/020-use-correct-printf-format-for-size-t.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: Daniel Golle <daniel@makrotopia.org>
-Date: Sun, 27 Dec 2020 15:03:22 +0000
-Subject: [PATCH] use correct printf format for size_t
-
-pdkim.c: In function 'check_bare_ed25519_pubkey':
-pdkim.c:1355:60: warning: format '%lu' expects argument of type 'long unsigned int', but argument 2 has type 'size_t' {aka 'unsigned int'} [-Wformat=]
-   DEBUG(D_acl) debug_printf("DKIM: unexpected pubkey len %lu\n", p->key.len);
-                                                             ~~^     ~~~~~~~~~~
-                                                                                                                       %u
-Signed-off-by: Daniel Golle <daniel@makrotopia.org>
----
---- a/src/pdkim/pdkim.c
-+++ b/src/pdkim/pdkim.c
-@@ -1352,7 +1352,7 @@ check_bare_ed25519_pubkey(pdkim_pubkey *
- int excess = p->key.len - 32;
- if (excess > 0)
-   {
--  DEBUG(D_acl) debug_printf("DKIM: unexpected pubkey len %lu\n", p->key.len);
-+  DEBUG(D_acl) debug_printf("DKIM: unexpected pubkey len %zu\n", p->key.len);
-   p->key.data += excess; p->key.len = 32;
-   }
- }
diff --git a/mail/exim/patches/030-openssl-deprecated.patch b/mail/exim/patches/030-openssl-deprecated.patch
index 38d2b0dd0e..e890af2db1 100644
--- a/mail/exim/patches/030-openssl-deprecated.patch
+++ b/mail/exim/patches/030-openssl-deprecated.patch
@@ -45,7 +45,7 @@
  X509_set_pubkey(x509, pkey);
  
  name = X509_get_subject_name(x509);
-@@ -3900,8 +3903,8 @@ fprintf(f, "Library version: OpenSSL: Co
+@@ -3897,8 +3900,8 @@ fprintf(f, "Library version: OpenSSL: Co
             "                          Runtime: %s\n"
             "                                 : %s\n",
             OPENSSL_VERSION_TEXT,
@@ -56,7 +56,7 @@
  /* third line is 38 characters for the %s and the line is 73 chars long;
  the OpenSSL output includes a "built on: " prefix already. */
  }
-@@ -3943,8 +3946,6 @@ if (pidnow != pidlast)
+@@ -3940,8 +3943,6 @@ if (pidnow != pidlast)
    is unique for each thread", this doesn't apparently apply across processes,
    so our own warning from vaguely_random_number_fallback() applies here too.
    Fix per PostgreSQL. */