Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Fedora: 23 OpenSMTPD Update Critical: Buffer Overflow Threats Fixed

fedora
Calendar Grey November 1, 2015
Dist Fedora Esm H88
Boost your Fedora 23 environment with the newest OpenSMTPD security patch that tackles severe vulnerabilities.
Issues fixed in this release (since 5.7.2): - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down th...

Summary

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined

by RFC 5321, with some additional standard extensions. It allows ordinary

machines to exchange e-mails with other systems speaking the SMTP protocol.

Started out of dissatisfaction with other implementations, OpenSMTPD nowadays

is a fairly complete SMTP implementation. OpenSMTPD is primarily developed

by Gilles Chehade, Eric Faurot and Charles Longeau; with contributions from

various OpenBSD hackers. OpenSMTPD is part of the OpenBSD Project.

The software is freely usable and re-usable by everyone under an ISC license.

This package uses standard "alternatives" mechanism, you may call

"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.opensmtpd"

if you want to switch to OpenSMTPD MTA immediately after install, and

"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.sendmail" to revert

back to Sendmail as a default mail daemon.

Update Information:

Issues fixed in this release (since 5.7.2): - fix an mda buffer truncation bug which allows a user to create forward files that pass session checks but fail delivery later down the chain, within the user mda; - fix remote buffer overflow in unprivileged pony process; - reworked offline enqueue to better protect against hardlink attacks. ---- Several vulnerabilities have been fixed in OpenSMTPD 5.7.2: - an oversight in the portable version of fgetln() that allows attackers to read and write out-of-bounds memory; - multiple denial-of-service vulnerabilities that allow local users to kill or hang OpenSMTPD; - a stack-based buffer overflow that allows local users to crash OpenSMTPD, or execute arbitrary code as the non-chrooted _smtpd user; - a hardlink attack (or race-conditioned symlink attack) that allows local users to unset the chflags() of arbitrary files; - a hardlink attack that allows local users to read the first line of arbitrary files (for example, root's hash fr...

Change Log

References

https://www.opensmtpd.org/announces/release-5.7.2.txt https://seclists.org/oss-sec/2015/q4/17
[ 1 ] Bug #1268837 - opensmtpd-5.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1268837 [ 2 ] Bug #1268509 - opensmtpd: 5.7.2 release available https://bugzilla.redhat.com/show_bug.cgi?id=1268509 [ 3 ] Bug #1268794 - CVE-2015-7687 OpenSMTPD: multiple vulnerabilities fixed in 5.7.2 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1268794 [ 4 ] Bug #1268857 - opensmtpd: Remotely triggerable buffer overflow vulnerability in filter_tx_io [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1268857

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update opensmtpd' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: opensmtpd
Product: Fedora 23
Version: 5.7.3p1
Release: 1.fc23
Summary: Free implementation of the server-side SMTP protocol as defined by RFC 5321

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.