BSDSec

deadsimple BSD Security Advisories and Announcements

smtpd errata

Patches are now available for 5.6 and 5.7 which fix an smtpd errata.

5.6 errata 25 and 5.7 errata 8:
Fix multiple reliability issues in smtpd:
a local user can cause smtpd to fail by writing an invalid imsg to control socket.
a local user can prevent smtpd from serving new requests by exhausting descriptors.

Links:

http://www.openbsd.org/errata56.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/025_smtpd.patch.sig

http://www.openbsd.org/errata57.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/008_smtpd.patch.sig