AVG-2086 log

Package libesmtp
Status Not affected
Severity High
Type arbitrary code execution
Affected 1.0.6-7
Fixed 1.1.0-1
Current 1.1.0-2 [extra]
Ticket FS#71292
Created Sat Jun 19 07:23:37 2021
Issue Severity Remote Type Description
CVE-2019-19977 High Yes Arbitrary code execution
libESMTP before version 1.1.0 mishandles domain copying into a fixed- size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c. During NTLM authentication, a...
The libesmtp 1.0.6-7 Arch Linux package was built without the --enable-ntlm configuration option, so the vulnerable NTLM authentication support was not enabled.