*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: ssmtp The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain configurations, uses uninitialized memory for the From: field of an e-mail message, which might allow remote attackers to obtain sensitive information (memory contents) in opportunistic circumstances by reading a message. This fix was already applied in Debian. ** Affects: ssmtp (Ubuntu) Importance: Undecided Status: New ** Affects: ssmtp (Debian) Importance: Unknown Status: Unknown ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-3962 ** Bug watch added: Debian Bug tracker #498366 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498366 ** Also affects: ssmtp (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498366 Importance: Unknown Status: Unknown -- [CVE-2008-3962] allow remote attackers to obtain sensitive information https://bugs.launchpad.net/bugs/278978 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs