CVSROOT: /cvs Module name: src Changes by: [email protected] 2015/10/01 18:29:51
Modified files:
usr.sbin/smtpd : lka_session.c
Log message:
fix a stack-based buffer overflow in the token expansion code of the lookup
process (unprivileged), allowing a local user to crash the server or
potentially execute arbitrary code.
reported by Qualys Security
