Bug 35582

Summary: [MAINTAINER UPDATE] update mail/libesmtp to 0.8.11
Product: Ports & Packages Reporter: John Merryweather Cooper <john_m_cooper>
Component: Individual Port(s)Assignee: Ade Lovett <ade>
Status: Closed FIXED    
Severity: Affects Only Me CC: tobez
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
update-libesmtp-0.8.11 none

Description John Merryweather Cooper 2002-03-06 06:10:01 UTC 
	Updates libesmtp to version 0.8.11
	
	* fixes a buffer-overflow security hole--from the author:
	
	A potential buffer overflow in libESMTP exists which could allow
	a malicious SMTP server to overrun the stack and attack the 
	client application.  Basically a multiline SMTP response where
	the accumulated text exceeds 4Kb will overrun the stack.  AFAIK,
	the attack is not possible unless each line of the response is 
	less than 1024 bytes long.
	
	* incorporates NTLM header patch

How-To-Repeat: 	N/A
Comment 1 Ade Lovett freebsd_committer freebsd_triage 2002-03-13 00:25:34 UTC 
State Changed
From-To: open->closed

Update committed, thanks!
Comment 2 Ade Lovett freebsd_committer freebsd_triage 2002-03-13 00:25:34 UTC 
Responsible Changed
From-To: freebsd-ports->ade