===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata65.html,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- www/errata65.html 2020/01/15 20:15:10 1.24
+++ www/errata65.html 2020/01/28 21:30:52 1.25
@@ -390,6 +390,28 @@
A source code patch exists which remedies this problem.
+
+029: RELIABILITY FIX: January 30, 2020
+ All architectures
+
+smtpd can crash on opportunistic TLS downgrade, causing a denial of service.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+030: SECURITY FIX: January 30, 2020
+ All architectures
+
+An incorrect check allows an attacker to trick mbox delivery into executing
+arbitrary commands as root and lmtp delivery into executing arbitrary commands
+as an unprivileged user.
+
+
+A source code patch exists which remedies this problem.
+
+