oss-sec mailing list archives
Re: CVE requests: Critical vulnerabilities in OpenSMTPD
From: Arrigo Triulzi <arrigo () alchemistowl org>
Date: Fri, 2 Oct 2015 15:25:06 +0200
On Oct 2, 2015, at 15:22, Jason A. Donenfeld <Jason () zx2c4 com> wrote:
See this excerpt from the release notes below. Quite a few bugs. Looks like at least one of them might invalidate the openbsd.org claim, "Only two remote holes in the default install, in a heck of a long time!”.
OpenSMTPD only listens on localhost in the default install. Arrigo
Current thread:
- CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Arrigo Triulzi (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Gilles Chehade (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Jason A. Donenfeld (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Gilles Chehade (Oct 02)
- Re: CVE requests: Critical vulnerabilities in OpenSMTPD Arrigo Triulzi (Oct 02)