On Fri, Oct 02, 2015 at 05:17:39AM +0200, Gilles Chehade wrote:
> During the last few months, researchers from Qualys Security have done
> an audit of smtpd and have identified multiple reliability and security
> issues.
>
> The issues affect 5.6, 5.7 and forthcoming 5.8 release.
>
> Patches are
During the last few months, researchers from Qualys Security have done
an audit of smtpd and have identified multiple reliability and security
issues.
The issues affect 5.6, 5.7 and forthcoming 5.8 release.
Patches are available. Apply the patch, rebuild smtpd and restart the
daemon.
5.6:
http:/
Patches are now available for 5.6 and 5.7 which fix an smtpd errata.
5.6 errata 25 and 5.7 errata 8:
Fix multiple reliability issues in smtpd:
a local user can cause smtpd to fail by writing an invalid imsg to control
socket.
a local user can prevent smtpd from serving new requests by exhausting
