===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata65.html,v
retrieving revision 1.24
retrieving revision 1.25
diff -c -r1.24 -r1.25
*** www/errata65.html 2020/01/15 20:15:10 1.24
--- www/errata65.html 2020/01/28 21:30:52 1.25
***************
*** 390,395 ****
--- 390,417 ----
A source code patch exists which remedies this problem.
+
+ 029: RELIABILITY FIX: January 30, 2020
+ All architectures
+
+ smtpd can crash on opportunistic TLS downgrade, causing a denial of service.
+
+
+ A source code patch exists which remedies this problem.
+
+
+
+ 030: SECURITY FIX: January 30, 2020
+ All architectures
+
+ An incorrect check allows an attacker to trick mbox delivery into executing
+ arbitrary commands as root and lmtp delivery into executing arbitrary commands
+ as an unprivileged user.
+
+
+ A source code patch exists which remedies this problem.
+
+