Source: opensmtpd Version: 5.4.2p1-4 Severity: grave Tags: security upstream fixed-upstream
Hi, the following vulnerability was published for opensmtpd. CVE-2015-7687[0]: use-after-free issue in OpenSMTPD Actually there were even more issues fixed in the latest release (5.7.2), which do not have (yet) a CVE. See [1] for details. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-7687 [1] http://www.openwall.com/lists/oss-security/2015/10/02/8 [2] https://www.opensmtpd.org/announces/release-5.7.2.txt Regards, Salvatore