[ubuntu/eoan-security] opensmtpd 6.0.3p1-6ubuntu0.1 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Wed Feb 5 13:13:07 UTC 2020

opensmtpd (6.0.3p1-6ubuntu0.1) eoan-security; urgency=medium

  * SECURITY UPDATE: Arbitrary command execution as root
    - debian/patches/CVE-2020-7247.patch: Fix a security vulnerability
      discovered by Qualys which can lead to a privileges escalation on mbox
      deliveries and unprivileged code execution on lmtp deliveries, due to a
      logic issue causing a sanity check to be missed.
    - CVE-2020-7247

Date: 2020-02-04 21:57:24.141268+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Eoan-changes mailing list