Sendmail update available to address CVE-2023-51765 (SMTP Smuggling vulnerability)
by jwoithe from LinuxQuestions.org on (#6HJVF)
There has been a so-called "snapshot" release of Sendmail to deal with the SMTP Smuggling vulnerability (CVE-2023-51765) that was disclosed in late Dec 2023. It is version 8.18.0.2 and can be downloaded from https://ftp.sendmail.org/snapshots/. It was briefly mentioned on the oss-security list.
I am not sure what a "snapshot" release is in the context of Sendmail or how "snapshot" versions differ from those which are formally released. Therefore I don't know whether it is appropriate to include it in Slackware 15.0 (and current) as an update. However, at face value it appears to be something to consider given that it addresses a disclosed issue.
I am not sure what a "snapshot" release is in the context of Sendmail or how "snapshot" versions differ from those which are formally released. Therefore I don't know whether it is appropriate to include it in Slackware 15.0 (and current) as an update. However, at face value it appears to be something to consider given that it addresses a disclosed issue.