A security issue was identified in ngx_mail_smtp_module,
which might allow an attacker to cause a buffer over-read,
potentially resulting in a sensitive information leak
in an HTTP request to the authentication server (CVE-2025-53859).

The issue happens during the SMTP authentication process and requires
the attacker to make preparations against the target system to extract
the leaked data.

The issue affects nginx 0.7.22-1.29.0.
The issue is fixed in nginx 1.29.1.

For older versions, any of the following measures can be used
as a temporary workaround:

(1) disable the "none" parameter in the "smtp_auth" directive.
(2) remove the "Auth-Wait" header line in the authentication server response.

A patch for the issue can be found here:

https://nginx.org/download/patch.2025.smtp.txt

-- 
Sergey Kandaurov
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-announce
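
The following audit script is an added example, not part of the original advisory or of nginx itself: it checks whether a version string falls in the affected range given above and reports where a configuration still lists "none" in "smtp_auth", which is where workaround (1) applies. The function names and the sample configuration are constructed for illustration; the scan assumes the whole configuration is passed as one string and does not follow "include" directives.

```python
import re

AFFECTED_MIN = (0, 7, 22)  # first affected release, per the advisory
AFFECTED_MAX = (1, 29, 0)  # last affected release; 1.29.1 carries the fix

def is_affected(version: str) -> bool:
    """True if the X.Y.Z in `version` (e.g. `nginx -v` output) is in range."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"no X.Y.Z version in {version!r}")
    return AFFECTED_MIN <= tuple(map(int, m.groups())) <= AFFECTED_MAX

def smtp_auth_none_lines(conf: str) -> list[int]:
    """1-based line numbers of smtp_auth directives that list "none"."""
    # Drop '#' comments, keeping line count (simplification: ignores '#' in quotes).
    text = "\n".join(line.split("#", 1)[0] for line in conf.splitlines())
    hits = []
    # A directive runs to the next ';' and may span lines.
    for m in re.finditer(r"(?<![\w-])smtp_auth\s+([^;{}]*);", text):
        methods = m.group(1).replace('"', " ").replace("'", " ").split()
        if "none" in methods:
            hits.append(text.count("\n", 0, m.start()) + 1)
    return hits

def workaround_needed(version: str, conf: str) -> list[int]:
    """Lines to edit for workaround (1); empty if fixed or "none" unused."""
    return smtp_auth_none_lines(conf) if is_affected(version) else []

# Constructed sample configuration (addresses and ports are made up).
SAMPLE_CONF = """\
mail {
    auth_http 127.0.0.1:9000/auth;
    server {
        listen 25;
        protocol smtp;
        smtp_auth login plain none;
    }
    server {
        listen 587;
        protocol smtp;
        # smtp_auth none;
        smtp_auth login plain;
    }
}
"""

if __name__ == "__main__":
    for v in ("nginx version: nginx/1.29.0", "nginx version: nginx/1.29.1"):
        print(v, "->", workaround_needed(v, SAMPLE_CONF))
```

The version check compares upstream version numbers only; a distribution package that backports the patch without changing its version string will still be reported as affected.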
