Notified: January 31, 2020 Updated: January 31, 2020
Affected
No statement is currently available from the vendor regarding this vulnerability.
OpenSMTPD version 6.6.2p1-r0 has been implemented in the latest version of Alpine Linux.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: March 09, 2020
Statement Date: March 06, 2020
Not Affected
Our products are not impacted by this issue.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Not Affected
No products Arista Networks sells are affected by VU#390745 aka CVE-2020-7247. This is due to that library not being used nor included in any of the products.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 04, 2020
Statement Date: February 03, 2020
Not Affected
Container Linux does not ship OpenSMTPD and so is not vulnerable.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Statement Date: January 31, 2020
Affected
This affected Debian and has been adressed:https://www.debian.org/security/2020/dsa-4611
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Not Affected
F5 Networks products are not affected as OpenSMTPD is not included. For products that are installed on a host OS(virtual edition,etc.)the presence of OpenSMTPD will depend on the host OS and not the F5 product. Customers are advised to check with the host OS vendor to determine if their platform is affected.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 04, 2020
Not Affected
FreeBSD has never shipped with OpenSMTPD installed by default. We do provide OpenSMTPD as part of our third-party package collection and users can also build the package from our ports tree. The port was updated on Wednesday 29th January at 02:55 UTC and the fix was merged to the 2020Q1 quarterly branch on Friday 31st January at 09:37 UTC. Pre-built packages of the updated port have been available on our mirrors since Thursday 30th January 2020 at 14:16 UTC(head)and Sunday 2nd February 2020 at 01:10 UTC(quarterly).
OpenSMTPD version 6.6.2p1-r0 has been implemented in the latest version of FreeBSD.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Not Affected
None of the most popular illumos distributions(OpenIndiana,SmartOS,OmniOSce)ship with OpenSMTPD. A cursory survey of others indicates no OpenSMTPD either.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Not Affected
NetBSD is not vulnerable - we do not ship/have never shipped OpenSMTPD.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: January 31, 2020
Affected
No statement is currently available from the vendor regarding this vulnerability.
OpenBSD has released a patch in OpenSMTPD version 6.6.2p1 to address this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 05, 2020
Not Affected
QNX is not vulnerable - OpenSMTPD has not shipped as part of our product.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Statement Date: February 01, 2020
Not Affected
Neither SUSE nor openSUSE do not include opensmtpd,so SUSE is not affected by this problem.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: February 03, 2020
Statement Date: February 03, 2020
Not Affected
Synology does not employ OpenSMTPD for our products,including MailPlus[1]and Mail Station[2]. [1] https://www.synology.com/dsm/feature/mailplus[2]https://www.synology.com/dsm/packages/MailStation
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Updated: February 07, 2020
Affected
CVE-2020-7247 has been patched in the following Ubuntu releases: 18.04 Bionic Beaver:OpenSMTPD 6.0.3p1-1ubuntu0.1 19.10 Eoan Ermine:OpenSMTPD 6.0.3p6-1ubuntu0.1 Please see USN-4268-1(https://usn.ubuntu.com/4268-1/)for more details.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: January 31, 2020 Updated: January 31, 2020
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.