Fedora 40: opensmtpd 2024-28fde3feb7 Security Advisory Updates
Summary
OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined
by RFC 5321, with some additional standard extensions. It allows ordinary
machines to exchange e-mails with other systems speaking the SMTP protocol.
Started out of dissatisfaction with other implementations, OpenSMTPD nowadays
is a fairly complete SMTP implementation. OpenSMTPD is primarily developed
by Gilles Chehade, Eric Faurot and Charles Longeau; with contributions from
various OpenBSD hackers. OpenSMTPD is part of the OpenBSD Project.
The software is freely usable and re-usable by everyone under an ISC license.
This package uses standard "alternatives" mechanism, you may call
"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.opensmtpd"
if you want to switch to OpenSMTPD MTA immediately after install, and
"/usr/sbin/alternatives --set mta /usr/sbin/sendmail.sendmail" to revert
back to Sendmail as a default mail daemon.
Update Information:
opensmtpd: 7.4.0p1 release
Change Log
* Tue Mar 26 2024 Denis Fateyev
References
[ 1 ] Bug #2184677 - CVE-2023-29323 opensmtpd: ascii_load_sockaddr can abort upon a connection from a local scoped IPv6 address [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2184677 [ 2 ] Bug #2215684 - opensmtpd-7.4.0p1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2215684 [ 3 ] Bug #2271570 - opensmtpd uses openssl1.1 which is about to be retired https://bugzilla.redhat.com/show_bug.cgi?id=2271570 [ 4 ] Bug #2272512 - F40FailsToInstall: opensmtpd https://bugzilla.redhat.com/show_bug.cgi?id=2272512
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-28fde3feb7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label