Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-35679 - log back

CVE-2020-35679 edited at 26 Dec 2020 14:25:29

Severity

-	Unknown
+	High

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Information disclosure

Description

+	smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.

References

+	https://github.com/openbsd/src/commit/79a034b4aed29e965f45a13409268290c9910043

Notes

CVE-2020-35679 created at 26 Dec 2020 14:24:46