BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: May 25th, 2020 (smtpd_sockaddr)

Errata patches for OpenSMTPD have been released for OpenBSD 6.7.

Incorrect use of getpeername(2) storage for outgoing IPv6 connections
corrupts stack memory. The nature of the corruption and existing
mitigations appear to make this difficult to effectively target.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata page:

  https://www.openbsd.org/errata67.html

After patching, restart the smtpd service.