mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-02 01:20:54 +00:00
Code Issues Releases Activity
9fc14f090e
freebsd-ports/mail/opensmtpd
History
Dima Panov 9fc14f090e mil/opensmtpd: update to 6.6.2p1 relase 
This update addressed LPE and RCE vulnerabilities in OpenSMTPD (CVE-2020-7247)
https://www.openwall.com/lists/oss-security/2020/01/28/3

This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch
smtpd to new grammar") and allows an attacker to execute arbitrary shell
commands, as root:

- either locally, in OpenSMTPD's default configuration (which listens on
  the loopback interface and only accepts mail from localhost);

- or locally and remotely, in OpenSMTPD's "uncommented" default
  configuration (which listens on all interfaces and accepts external
  mail).

PR:		243686
Reported by:	authors via irc
MFH:		2020Q1
Relnotes:	https://www.mail-archive.com/misc@opensmtpd.org/msg04850.html
2020-01-29 02:55:05 +00:00
..
files - Update OpenSMTPd to 6.6.0 portable release 2019-10-26 16:24:47 +00:00
distinfo mil/opensmtpd: update to 6.6.2p1 relase 2020-01-29 02:55:05 +00:00
Makefile mil/opensmtpd: update to 6.6.2p1 relase 2020-01-29 02:55:05 +00:00
pkg-descr
pkg-plist - Update OpenSMTPd to 6.6.0 portable release 2019-10-26 16:24:47 +00:00