===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata66.html,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- www/errata66.html 2020/01/15 20:15:10 1.12
+++ www/errata66.html 2020/01/28 21:30:52 1.13
@@ -272,6 +272,28 @@
A source code patch exists which remedies this problem.
+
+018: RELIABILITY FIX: January 30, 2020
+ All architectures
+
+smtpd can crash on opportunistic TLS downgrade, causing a denial of service.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+019: SECURITY FIX: January 30, 2020
+ All architectures
+
+An incorrect check allows an attacker to trick mbox delivery into executing
+arbitrary commands as root and lmtp delivery into executing arbitrary commands
+as an unprivileged user.
+
+
+A source code patch exists which remedies this problem.
+
+