Date: Fri, 2 Oct 2015 15:25:06 +0200 From: Arrigo Triulzi <arrigo@...hemistowl.org> To: oss-security@...ts.openwall.com Cc: misc <misc@...nsmtpd.org> Subject: Re: CVE requests: Critical vulnerabilities in OpenSMTPD On Oct 2, 2015, at 15:22, Jason A. Donenfeld <Jason@...c4.com> wrote: > See this excerpt from the release notes below. Quite a few bugs. Looks > like at least one of them might invalidate the openbsd.org claim, > "Only two remote holes in the default install, in a heck of a long > time!”. OpenSMTPD only listens on localhost in the default install. Arrigo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.