Date: Fri, 2 Oct 2015 15:25:06 +0200 From: Arrigo Triulzi <arrigo@...hemistowl.org> To: oss-security@...ts.openwall.com Cc: misc <misc@...nsmtpd.org> Subject: Re: CVE requests: Critical vulnerabilities in OpenSMTPD On Oct 2, 2015, at 15:22, Jason A. Donenfeld <Jason@...c4.com> wrote: > See this excerpt from the release notes below. Quite a few bugs. Looks > like at least one of them might invalidate the openbsd.org claim, > "Only two remote holes in the default install, in a heck of a long > time!”. OpenSMTPD only listens on localhost in the default install. Arrigo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ