* SECURITY UPDATE: allow remote attackers to obtain sensitive
information (LP: #278978)
* debian/patches/02-CVE-2008-3962: adjust in ssmtp.c to fix
unitialized memory disclosure.
* SECURITY UPDATE: Buffer overflow (LP: #282424)
* debian/patches/03_fix_buffer_overflow: adjust ssmtp.c to fix
a buffer overflow with using 2 bytes in length instead of one in buffer.
* References:
CVE-2008-3962 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498366
-- Stefan Ebner <email address hidden> Tue, 07 Oct 2008 16:22:39 +0200
This bug was fixed in the package ssmtp - 2.62-1ubuntu3
---------------
ssmtp (2.62-1ubuntu3) intrepid; urgency=low
* SECURITY UPDATE: allow remote attackers to obtain sensitive patches/ 02-CVE- 2008-3962: adjust in ssmtp.c to fix patches/ 03_fix_ buffer_ overflow: adjust ssmtp.c to fix bugs.debian. org/cgi- bin/bugreport. cgi?bug= 498366
information (LP: #278978)
* debian/
unitialized memory disclosure.
* SECURITY UPDATE: Buffer overflow (LP: #282424)
* debian/
a buffer overflow with using 2 bytes in length instead of one in buffer.
* References:
CVE-2008-3962
http://
-- Stefan Ebner <email address hidden> Tue, 07 Oct 2008 16:22:39 +0200