AVG-1381 log

Package opensmtpd
Status Fixed
Severity High
Type multiple issues
Affected 6.7.1p1-6
Fixed 6.8.0p2-1
Current 7.5.0p0-2 [extra]
Ticket None
Created Sat Dec 26 14:24:46 2020
Issue Severity Remote Type Description
CVE-2020-35680 Low Yes Denial of service
smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference...
CVE-2020-35679 High Yes Information disclosure
smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to...
Date Advisory Package Type
12 Jan 2021 ASA-202101-18 opensmtpd multiple issues