MGASA-2013-0296 Updated ssmtp package fixes security vulnerability

It was reported that ssmtp, an extremely simple MTA to get mail off the system to a mail hub, did not perform x509 certificate validation when initiating a TLS connection to server. A rogue server could use this flaw to conduct man-in- the-middle attack, possibly leading to user credentials leak...

Fedora 17 : ssmtp-2.61-20.fc17 (2013-10128)

Removes world read access from the configuration file thus prohibiting reading of the password stored inside it. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it ...

[SECURITY] [DSA 485-1] New ssmtp packages fix format string vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 485-1 [email protected] http://www.debian.org/security/ Matt Zimmerman April 14th, 2004 http://www.debian.org/security/faq -...

[Full-Disclosure] [SECURITY] [DSA 485-1] New ssmtp packages fix format string vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 485-1 [email protected] http://www.debian.org/security/ Matt Zimmerman April 14th, 2004 http://www.debian.org/security/faq -...