CVSROOT: /cvs Module name: src Changes by: gil...@cvs.openbsd.org 2015/10/01 18:29:51
Modified files:
usr.sbin/smtpd : lka_session.c
Log message:
fix a stack-based buffer overflow in the token expansion code of the lookup
process (unprivileged), allowing a local user to crash the server or
potentially execute arbitrary code.
reported by Qualys Security
