Fix two security vulnerabilities discovered by Qualys. - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	millert <millert@openbsd.org>	2020-02-24 16:16:07 +0000
committer	millert <millert@openbsd.org>	2020-02-24 16:16:07 +0000
commit	0228dab008714e5c4cb4c4fdb7e20836742f6fc9 (patch)
tree	7462a21a194bec025a07b7e9ea83b7f35638b8c0 /usr.bin/dig/lib/dns/message.c
parent	dead store, pointed out by scan build (diff)
download	wireguard-openbsd-0228dab008714e5c4cb4c4fdb7e20836742f6fc9.tar.xz wireguard-openbsd-0228dab008714e5c4cb4c4fdb7e20836742f6fc9.zip

Fix two security vulnerabilities discovered by Qualys.

An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group.

Diffstat (limited to 'usr.bin/dig/lib/dns/message.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: