The current version is 4.89.1
We fixed CVE-2017-16943 and CVE-2017-16944 with this release. To address these two CVEs, please update to 4.89.1 or simply disable the SMTP CHUNKING extension by using chunking_advertise_hosts = in the main configuration section.