Processed: Re: Bug#950121: opensmtpd: Major vulnerabilities in opensmtpd resulting in RCE and DOS

Processing control commands: > found -1 6.0.2p1-2 Bug #950121 [opensmtpd] opensmtpd: Major vulnerabilities in opensmtpd resulting in RCE and DOS Marked as found in versions opensmtpd/6.0.2p1-2. > fixed -1 6.6.2p1-1 Bug #950121 [opensmtpd] opensmtpd: Major vulnerabilities in opensmtpd resulting i

Bug#950121: opensmtpd: Major vulnerabilities in opensmtpd resulting in RCE and DOS

Control: found -1 6.0.2p1-2 Control: fixed -1 6.6.2p1-1 This has already been fixed in unstable. I am preparing updates for oldstable and stable. —RAK -- |)|/ Ryan Kavanagh | GPG: 4E46 9519 ED67 7734 268F |\|\ https://rak.ac | BD95 8F7B F8FC 4A11 C97A signature.asc Description

Bug#950121: opensmtpd: Major vulnerabilities in opensmtpd resulting in RCE and DOS

>From the OpenBSD security advisory >Errata patches for OpenSMTPD have been released for OpenBSD 6.5 and 6.6. > >smtpd can crash on opportunistic TLS downgrade, causing a denial of service. > >Binary updates for the amd64, i386, and arm64 platforms are available via >the syspatch utility. Source c

Bug#950121: opensmtpd: Major vulnerabilities in opensmtpd resulting in RCE and DOS

Package: opensmtpd Version: 6.6.1p1-5~bpo10+1 Severity: critical Tags: security upstream Justification: root security hole Dear Maintainer, Opensmtpd 6.6.1 has 2 critical vulnerabilities, including one that results in a remote root arbitray code execution see https://www.mail-archive.com/misc@o