Masqmail Security Update for Debian
Posted on: 11/13/2002 10:56 AM

A updated masqmail package is now available for Debian GNU/Linux

A set of buffer overflows have been discovered in masqmail, a mail transport agent for hosts without permanent internet connection. In addition to this privileges were dropped only after reading a user supplied configuration file. Together this could be exploited to gain unauthorized root access to the machine on which masqmail is installed.

These problems have been fixed in version 0.1.16-2.1 for the current stable distribution (woody) and in version 0.2.15-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected since it doesn't contain a masqmail package.


Read more


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/masqmail_security_update_for_debian.html)