On 10/04/17 12:08, Robert Moskowitz wrote: > This was just posted on the Postfix list. Centos 7 ships with: > postfix-2.10.1-6.el7 > > Has this cert advisory been applied to the Centos build of Postfix? > > This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed > 11 years ago in Postfix 2.2.11 and later. 2.10.1 is way later than 2.2.11, this bug was never in any version of postfix that shipped after CentOS 4. Peter _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- From: Peter <peter@xxxxxxxxxxxxxxxx>
- Date: Mon, 10 Apr 2017 12:13:54 +1200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <183dbe30-a56a-49b3-b568-6b569ecb4fae@htt-consult.com>
- References: <3w1Pl23WTkznjbc@tail.porcupine.org> <183dbe30-a56a-49b3-b568-6b569ecb4fae@htt-consult.com>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
- Follow-Ups:
- Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- From: Robert Moskowitz
- Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- References:
- Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- From: Robert Moskowitz
- Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- Prev by Date: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- Next by Date: Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- Previous by thread: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- Next by thread: Re: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
- Index(es):
 |