Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d72b3577 by Salvatore Bonaccorso at 2023-12-21T18:05:24+01:00 Add Debian bug reference for postfix issue - - - - - 7ec16f1b by Salvatore Bonaccorso at 2023-12-21T18:07:23+01:00 Add todo item for SMTP issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,9 +1,10 @@ CVE-2023-XXXX [SMTP smuggling attack] - - postfix <unfixed> + - postfix <unfixed> (bug #1059230) NOTE: https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ NOTE: https://www.openwall.com/lists/oss-security/2023/12/21/6 NOTE: postfix: https://www.mail-archive.com/postfix-users@postfix.org/msg100901.html NOTE: postfix: Short-term Mitigation: smtpd_forbid_unauth_pipelining = yes + TODO: track other major mailserver implementations CVE-2023-48291 - airflow <itp> (bug #819700) CVE-2023-47265 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cf3a53e23ed0e4f398fd5cd36ffe3dfff24427f0...7ec16f1baa33f40ff2d3710c4dedd85f73abac34 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cf3a53e23ed0e4f398fd5cd36ffe3dfff24427f0...7ec16f1baa33f40ff2d3710c4dedd85f73abac34 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits