Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 501
Alerts This Week
Warning Icon 1 501

Fedora 22: Security Advisory for OpenSMTPD Remote Attack and DoS

fedora
Calendar Grey October 20, 2015
Dist Fedora Esm H88
Critical patch for Fedora 22 rectifies several security flaws in opensmtpd, enhancing the reliability of email transmission systems.
Issues fixed in this release (since 5.7.2): - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down th...

Summary

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined

by RFC 5321, with some additional standard extensions. It allows ordinary

machines to exchange e-mails with other systems speaking the SMTP protocol.

Started out of dissatisfaction with other implementations, OpenSMTPD nowadays

is a fairly complete SMTP implementation. OpenSMTPD is primarily developed

by Gilles Chehade, Eric Faurot and Charles Longeau; with contributions from

various OpenBSD hackers. OpenSMTPD is part of the OpenBSD Project.

The software is freely usable and re-usable by everyone under an ISC license.

This package uses standard "alternatives" mechanism, you may call

"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.opensmtpd"

if you want to switch to OpenSMTPD MTA immediately after install, and

"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.sendmail" to revert

back to Sendmail as a default mail daemon.

Update Information:

Issues fixed in this release (since 5.7.2): - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda; - fix remote buffer overflow in unprivileged pony process; - reworked offline enqueue to better protect against hardlink attacks. ---- Several vulnerabilities have been fixed in OpenSMTPD 5.7.2: - an oversight in the portable version of fgetln() that allows attackers to read and write out-of-bounds memory; - multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD; - a stack-based buffer overflow that allows local users to crash OpenSMTPD, or execute arbitrary code as the non-chrooted _smtpd user; - a hardlink attack (or race-conditioned symlink attack) that allows local users to unset the chflags() of arbitrary files; - a hardlink attack that allows local users to read the first line of arbitrary files (for example, root's hash fr...

Change Log

References

https://www.opensmtpd.org/announces/release-5.7.2.txt https://seclists.org/oss-sec/2015/q4/17
[ 1 ] Bug #1268837 - opensmtpd-5.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1268837 [ 2 ] Bug #1268509 - opensmtpd: 5.7.2 release available https://bugzilla.redhat.com/show_bug.cgi?id=1268509 [ 3 ] Bug #1268794 - CVE-2015-7687 OpenSMTPD: multiple vulnerabilities fixed in 5.7.2 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1268794 [ 4 ] Bug #1268857 - opensmtpd: Remotely triggerable buffer overflow vulnerability in filter_tx_io [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1268857

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update opensmtpd' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: opensmtpd
Product: Fedora 22
Version: 5.7.3p1
Release: 1.fc22
Summary: Free implementation of the server-side SMTP protocol as defined by RFC 5321

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.