CERT mailing list archives
OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Wed, 26 Feb 2020 00:49:42 +0000
Cybersecurity and Infrastructure Security Agency Logo National Cyber Awareness System: OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability [ https://www.us-cert.gov/ncas/current-activity/2020/02/25/opensmtpd-releases-version-664p1-address-critical-vulnerability ] 02/25/2020 05:04 PM EST Original release date: February 25, 2020 OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to apply the necessary update. For OpenBSD implementations, binary patches are available through syspatch; see OpenSMTPDs Message 04888 [ https://www.mail-archive.com/misc () opensmtpd org/msg04888.html ] for further instruction. For other systems, the update is available at OpenSMTPDs GitHub release page [ https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.4p1 ]. This product is provided subject to this Notification [ https://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ https://www.dhs.gov/privacy-policy ] policy. body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: #333333; } ________________________________________________________________________ A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () ncas us-cert gov to your address book. OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability US-CERT (Feb 25)