Debian releases fix for maildrop

The lockmail function for maildrop, a mail delivery agent with filtering capabilities, does not properly drop its group (mail) privileges after executing. An attacker could exploit this to run their own code and commands with the elevated group privilege. For more, to to:

Join the newsletter!

Error: Please check your email address.

More about Debian

Show Comments