blob: 31b73ec21f4a57806229eb43421daaa933d7ea0f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
#use wml::debian::translation-check translation="1.1" maintainer=""
#pddp arteek
<define-tag description>format string</define-tag>
<define-tag moreinfo>
<p>Max Vozeler discovered two format string vulnerabilities in ssmtp, a
simple mail transport agent. Untrusted values in the functions die()
and log_event() were passed to printf-like functions as format
strings. These vulnerabilities could potentially be exploited by a
remote mail relay to gain the privileges of the ssmtp process
(including potentially root).</p>
<p>For the current stable distribution (woody) this problem will be fixed
in version 2.50.6.1.</p>
<p>For the unstable distribution (sid), this problem will be fixed soon.</p>
<p>We recommend that you update your ssmtp package.</p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2004/dsa-485.data"
|
