ASA-202002-13 log generated external raw

[ASA-202002-13] opensmtpd: arbitrary command execution
Arch Linux Security Advisory ASA-202002-13 ========================================== Severity: Critical Date : 2020-02-29 CVE-ID : CVE-2020-8794 Package : opensmtpd Type : arbitrary command execution Remote : Yes Link : Summary ======= The package opensmtpd before version 6.6.4p1-1 is vulnerable to arbitrary command execution. Resolution ========== Upgrade to 6.6.4p1-1. # pacman -Syu "opensmtpd>=6.6.4p1-1" The problem has been fixed upstream in version 6.6.4p1. Workaround ========== None. Description =========== An out-of-bounds read vulnerability has been found in the client-side code of OpenSMTPD <= 6.6.3p1, leading to arbitrary command execution via a crafted SMTP transaction. Impact ====== A remote attacker is able to execute arbitrary commands as root on the affected host. References ==========