Advisories ยป MGASA-2021-0503

Updated libesmtp packages fix security vulnerability

Publication date: 10 Nov 2021
Modification date: 10 Nov 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2019-19977

Description

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer
in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based
buffer over-read. (CVE-2019-19977)
                

References

SRPMS

8/core