opensmtpd 6.0.3p1-6ubuntu0.2 source package in Ubuntu
Changelog
opensmtpd (6.0.3p1-6ubuntu0.2) eoan-security; urgency=medium * SECURITY UPDATE: Local privilege escalation, remote code execution - debian/patches/CVE-2020-8793_8794.patch: An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group. -CVE-2020-8793 -CVE-2020-8794 -- Mike Salvatore <email address hidden> Wed, 26 Feb 2020 10:32:06 -0500
Upload details
- Uploaded by:
- Mike Salvatore
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
opensmtpd_6.0.3p1.orig.tar.gz | 683.3 KiB | 291881862888655565e8bbe3cfb743310f5dc0edb6fd28a889a9a547ad767a81 |
opensmtpd_6.0.3p1-6ubuntu0.2.debian.tar.xz | 31.2 KiB | 52996ff5b1be2006d211bd2f723184e058bddd3b3ae2582b5e5d0288659bdb82 |
opensmtpd_6.0.3p1-6ubuntu0.2.dsc | 2.1 KiB | f2803dfc113034eaa0f4163a98e10f658679f5c916f9774362ced7f18200149a |
Available diffs
Binary packages built by this source
- opensmtpd: No summary available for opensmtpd in ubuntu eoan.
No description available for opensmtpd in ubuntu eoan.
- opensmtpd-dbgsym: No summary available for opensmtpd-dbgsym in ubuntu eoan.
No description available for opensmtpd-dbgsym in ubuntu eoan.