[ubuntu/eoan-security] opensmtpd 6.0.3p1-6ubuntu0.1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Wed Feb 5 13:13:07 UTC 2020
opensmtpd (6.0.3p1-6ubuntu0.1) eoan-security; urgency=medium
* SECURITY UPDATE: Arbitrary command execution as root
- debian/patches/CVE-2020-7247.patch: Fix a security vulnerability
discovered by Qualys which can lead to a privileges escalation on mbox
deliveries and unprivileged code execution on lmtp deliveries, due to a
logic issue causing a sanity check to be missed.
- CVE-2020-7247
Date: 2020-02-04 21:57:24.141268+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
https://launchpad.net/ubuntu/+source/opensmtpd/6.0.3p1-6ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list