Bastian Blank discovered a vulnerability in bsmtpd, a batched SMTP mailer for
sendmail and postfix. Unsanitised addresses can cause the execution
of arbitrary commands during alleged mail delivery.
For the stable distribution (woody) this problem has been fixed in
version 2.3pl8b-12woody1.
For the unstable distribution (sid) this problem has been fixed in
version 2.3pl8b-16.
We recommend that you upgrade your bsmtpd package.