CVS: cvs.openbsd.org: src

Tue, 28 Jan 2020 13:35:22 -0800 

CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]  2020/01/28 14:35:00

Modified files:
        usr.sbin/smtpd : smtp_session.c 

Log message:
Fix a security vulnerability discovered by Qualys which can lead to a
privileges escalation on mbox deliveries and unprivileged code execution
on lmtp deliveries, due to a logic issue causing a sanity check to be
missed.

ok eric@, millert@

Reply via email to