File: www / opensmtpd / security.html

Revision 1.25, Mon Feb 24 22:25:31 2020 UTC by tj
Branch: MAIN
CVS Tags: HEAD
Changes since 1.24: +0 -1 lines

remove an extra <ul> tag that shouldn't be there

<!doctype html>
<html lang=en>
<meta charset=utf-8>

<title>OpenSMTPD: Security</title>
<meta name="description" content="OpenSMTPD advisories">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.opensmtpd.org/security.html">

<style>
h3 {
        color: var(--red);
}
</style>

<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>SMTPD</b></a>
Security
</h2>
<hr>

<p>
OpenSMTPD is developed with the same rigorous security process that the
OpenBSD group is famous for. If you wish to report a security issue in
OpenSMTPD, please contact the private developers list &lt;<a href="mailto:opensmtpd-security@openbsd.org">opensmtpd-security@openbsd.org</a>&gt;.

<p>
For more information, see the
<a href="https://www.openbsd.org/security.html">OpenBSD security page</a>.

<ul>
  <li>
    <h3 id="664">OpenSMTPD 6.6.4 Security Advisories</h3>
    <p>
    These are the OpenSMTPD 6.6.4 advisories &mdash; all these problems are solved
    in our repository as well as in newer snapshots and releases starting with 6.6.4.
      <ul>
	<li>February 24, 2020:
	  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/021_smtpd_envelope.patch.sig">
            An out of bounds read in smtpd allows an attacker to inject arbitrary
            commands into the envelope file which are then executed as root.
            Separately, missing privilege revocation in smtpctl allows arbitrary
            commands to be run with the _smtpq group.</a>
      </ul>

  <li>
    <h3 id="661">OpenSMTPD 6.6.1 Security Advisories</h3>
    <p>
    These are the OpenSMTPD 6.6.1 advisories &mdash; all these problems are solved
    in our repository as well as in newer snapshots and releases starting with 6.6.2.
    All versions from 6.4.0 up to 6.6.2 are affected.
      <ul>
	<li>January 28, 2020:
	  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/019_smtpd_exec.patch.sig">
	    An incorrect check allows an attacker to trick mbox delivery into executing
	    arbitrary commands as root and lmtp delivery into executing arbitrary commands
	    as an unprivileged user.</a>
      </ul>
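    <p>
    The advisory above does not spell out the flaw, and the example below is not
    OpenSMTPD's code or the linked patch. It is an added illustration of the bug
    class the advisory names: a sender-address validator whose "repair a missing
    domain" branch returns success without re-checking the local part, for a
    string that is later placed on a delivery agent's command line. The function
    names, the local-part and domain alphabets, and <code>DEFAULT_DOMAIN</code>
    are simplifications chosen for the demo, not values taken from the project.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define LOCALPART_MAX   64
#define DOMAIN_MAX      255
#define DEFAULT_DOMAIN  "mail.example"  /* assumed local hostname for the demo */

struct mailaddr {
	char user[LOCALPART_MAX + 1];
	char domain[DOMAIN_MAX + 1];
};

/* Local-part alphabet for this demo: letters, digits and "._+-=".  It is
 * deliberately narrower than RFC 5321 because the sender string later ends
 * up on the delivery agent's command line, so shell metacharacters such as
 * ';' or '`' must never get through. */
static int
valid_localpart(const char *s)
{
	if (*s == '\0')
		return 0;
	for (; *s; s++)
		if (!isalnum((unsigned char)*s) && strchr("._+-=", *s) == NULL)
			return 0;
	return 1;
}

/* Domain alphabet for this demo: letters, digits, '.' and '-'. */
static int
valid_domainpart(const char *s)
{
	if (*s == '\0')
		return 0;
	for (; *s; s++)
		if (!isalnum((unsigned char)*s) && *s != '.' && *s != '-')
			return 0;
	return 1;
}

/* Split "user@domain"; an address with no '@' yields an empty domain. */
static int
split_addr(const char *in, struct mailaddr *m)
{
	const char *at = strrchr(in, '@');
	size_t ulen = at ? (size_t)(at - in) : strlen(in);
	const char *dom = at ? at + 1 : "";

	if (ulen > LOCALPART_MAX || strlen(dom) > DOMAIN_MAX)
		return 0;
	memcpy(m->user, in, ulen);
	m->user[ulen] = '\0';
	strcpy(m->domain, dom);
	return 1;
}

/* Buggy shape: when either part fails validation, the repair branch fills in
 * the missing domain and returns success without re-checking the local part,
 * so a sender such as "a;id;" (no '@') is accepted verbatim. */
int
sender_ok_buggy(const char *in)
{
	struct mailaddr m;

	if (!split_addr(in, &m))
		return 0;
	if (!valid_localpart(m.user) || !valid_domainpart(m.domain)) {
		if (m.user[0] == '\0' && m.domain[0] == '\0')
			return 1;               /* empty return-path is legal */
		if (m.domain[0] == '\0') {      /* BUG: m.user may be anything here */
			snprintf(m.domain, sizeof m.domain, "%s", DEFAULT_DOMAIN);
			return 1;
		}
		return 0;
	}
	return 1;
}

/* Fixed shape: the repair branch only fires when the local part is valid on
 * its own; every other failing address is rejected. */
int
sender_ok_fixed(const char *in)
{
	struct mailaddr m;

	if (!split_addr(in, &m))
		return 0;
	if (m.user[0] == '\0' && m.domain[0] == '\0')
		return 1;                       /* empty return-path is legal */
	if (m.domain[0] == '\0' && valid_localpart(m.user)) {
		snprintf(m.domain, sizeof m.domain, "%s", DEFAULT_DOMAIN);
		return 1;
	}
	return valid_localpart(m.user) && valid_domainpart(m.domain);
}

int
main(void)
{
	/* Constructed sample senders, including two that carry shell syntax. */
	const char *samples[] = {
		"alice@example.org", "alice", "", "a;id;", "a;id;@", "bob@bad host"
	};
	size_t i;

	for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
		printf("%-20s buggy=%d fixed=%d\n", samples[i],
		    sender_ok_buggy(samples[i]), sender_ok_fixed(samples[i]));
	return 0;
}
```

    <p>
    The two functions differ only in when the domain-repair branch may return
    success. The lesson carried by the advisory is that a fallback which
    "fixes up" input must re-run every check the primary path ran; a string
    that is later interpolated into a command must never reach that command
    on the strength of a branch that skipped validation.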

  <li>
    <h3 id="545">OpenSMTPD 5.4.5 Security Advisories</h3>
    <p>
    These are the OpenSMTPD 5.4.5 advisories &mdash; all these problems are solved
    in our repository as well as in newer snapshots and releases.
      <ul>
	<li>June 19, 2015:
	  <a href="https://github.com/OpenSMTPD/OpenSMTPD/commit/c008f17c30f78b4877be768e641a56317e927dca">
	    A logic error can allow a local user to crash the server.</a>
	<li>October 1, 2015:
	  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/004_smtpd.patch.sig">
	    Fix multiple reliability and security issues in smtpd.</a>
      </ul>

  <li>
    <h3 id="544">OpenSMTPD 5.4.4 Security Advisories</h3>
    <p>
    These are the OpenSMTPD 5.4.4 advisories &mdash; all these problems are solved
    in our repository as well as in newer snapshots and releases.
      <ul>
	<li>April 17, 2015:
	  <a href="https://github.com/poolpOrg/OpenSMTPD/commit/8033379df63459667510537880d8f5b93fecea44">
	    OpenSMTPD's SSL layer has a bug in the handling of SNI negotiation which can
	    allow an attacker to cause an invalid certificate to be presented to a
	    concurrent session, a client disconnect, or a server crash.</a>
      </ul>

  <li>
    <h3 id="531">OpenSMTPD 5.3.1 Security Advisories</h3>
    <p>
    These are the OpenSMTPD 5.3.1 advisories &mdash; all these problems are solved
    in our repository as well as in newer snapshots and releases.
      <ul>
	<li>May 16, 2013:
	  <a href="https://github.com/poolpOrg/OpenSMTPD/commit/d94be90f62f024fd928b9744c5d3af1350f53aab">
	    OpenSMTPD's SSL layer has a bug in the IO events handler which can allow a malicious client or
	    server to hang all active SSL sessions until they time out, causing a DoS in the smtp and
	    transfer processes.</a>
      </ul>
</ul>