[Git][security-tracker-team/security-tracker][master] Triage CVE-2020-35680 in opensmtpd for stretch LTS.
Chris Lamb
lamby at debian.org
Wed Jan 6 10:05:31 GMT 2021
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1758dfd3 by Chris Lamb at 2021-01-06T10:04:57+00:00
Triage CVE-2020-35680 in opensmtpd for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3637,6 +3637,7 @@ CVE-2020-35681 [Potential leakage of session identifiers using legacy AsgiHandle
NOTE: https://github.com/django/channels/commit/e85874d9630474986a6937430eac52db79a2a022 (3.0.3)
CVE-2020-35680 (smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurati ...)
- opensmtpd 6.8.0p2-1 (bug #978039)
+ [stretch] - opensmtpd <not-affected> (new filter grammar support added in ec69ed85b6c)
NOTE: https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1
NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html
CVE-2020-35679 (smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, whi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1758dfd37b2ff14f70909f144af5575a95b95a51
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1758dfd37b2ff14f70909f144af5575a95b95a51
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210106/e44c2d0b/attachment.html>
More information about the debian-security-tracker-commits
mailing list