Format: 1.8
Date: Mon, 24 Feb 2020 12:20:52 -0500
Source: opensmtpd
Binary: opensmtpd
Architecture: riscv64
Version: 6.6.4p1-1
Distribution: focal
Urgency: high
Maintainer: Launchpad Build Daemon <buildd@riscv64-qemu-lcy01-022>
Changed-By: Ryan Kavanagh <rak@debian.org>
Description:
 opensmtpd  - secure, reliable, lean, and easy-to configure SMTP server
Closes: 952453
Changes:
 opensmtpd (6.6.4p1-1) unstable; urgency=high
 .
   * New upstream release fixes critical security bug (Closes: #952453).
     Quoting from OpenBSD errata:
 .
         An out of bounds read in smtpd allows an attacker to inject arbitrary
         commands into the envelope file which are then executed as root.
 .
         Separately, missing privilege revocation in smtpctl allows arbitrary
         commands to be run with the _smtpq group.
 .
   * Update copyright file with new copyright holders
   * Remove stale entries from Uploaders field
Checksums-Sha1:
 a5db0df10c16f4599d1ec54e27a36c7c0f1c9336 880108 opensmtpd-dbgsym_6.6.4p1-1_riscv64.ddeb
 7ea2ba3792855850c1da3f17497911342861b3ff 5602 opensmtpd_6.6.4p1-1_riscv64.buildinfo
 cd673f08c45cb9c9173c382db29401cb2776aa42 282456 opensmtpd_6.6.4p1-1_riscv64.deb
Checksums-Sha256:
 0a17f5dac6a16374db3c7d072bd290012bcf2239abfa61adbaf2d605ba1f657a 880108 opensmtpd-dbgsym_6.6.4p1-1_riscv64.ddeb
 82627a3b3f4645853e8fb83a4510959d09795cd4940f120edb6c461f053a92ca 5602 opensmtpd_6.6.4p1-1_riscv64.buildinfo
 1207562106c4a3e911a6a34ad7b851d2fce65efae0981fbb6e38592b8772482c 282456 opensmtpd_6.6.4p1-1_riscv64.deb
Files:
 4143f5b83ff999cbfbe78382cf46b94b 880108 debug optional opensmtpd-dbgsym_6.6.4p1-1_riscv64.ddeb
 e0168b159c1f6b57258eda7015ee8a70 5602 mail optional opensmtpd_6.6.4p1-1_riscv64.buildinfo
 a9a726db8e8ff777bcb2ea620e16bb49 282456 mail optional opensmtpd_6.6.4p1-1_riscv64.deb