masqmail - buffer overflows

A set of buffer overflows have been discovered in masqmail, a mail
transport agent for hosts without permanent internet connection. In
addition to this privileges were dropped only after reading a user
supplied configuration file. Together this could be exploited to gain
unauthorized root access to the machine on which masqmail is
installed.

These problems have been fixed in version 0.1.16-2.1 for the current
stable distribution (woody) and in version 0.2.15-1 for the unstable
distribution (sid). The old stable distribution (potato) is not
affected since it doesn’t contain a masqmail package.

We recommend that you upgrade your masqmail package immediately.