Debian 10206 Published by

The following security update has been released for Debian GNU/Linux 10 (Buster):

ELA-1147-1 python-aiosmtpd security update




ELA-1147-1 python-aiosmtpd security update

Package : python-aiosmtpd
Version : 1.2-3+deb10u1 (buster)

Related CVEs :
CVE-2024-27305
CVE-2024-34083

Two vulnerabilities have been fixed in python-aiosmtpd, an asyncio based SMTP server.
CVE-2024-27305
SMTP smuggling with non-standard line endings

CVE-2024-34083
STARTTLS unencrypted command injection

ELA-1147-1 python-aiosmtpd security update