Re: Version of Postfix in Fedora not kept up to date

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

kvantanet@xxxxxxxxx wrote:

Why is always Postfix a couple of versions behind?
The latest version of Postfix is now 2.5.5 and F10 includes only 2.5.1. (Released 2008-02-17)
Other distros like Debian always updates this package. Fedora never updates this package after release. 
Does this mean the we don't need to address the issues corrected in new versions of Postfix?

E.G. Latest 2 issues

----------------------------------------  SNIP -----------------------------------------------

20080814

	Security: some systems have changed their link() semantics,
	and will hardlink a symlink, contrary to POSIX and XPG4.
	Sebastian Krahmer, SuSE. File: util/safe_open.c.

	The solution introduces the following incompatible change:
	when the target of mail delivery is a symlink, the parent
	directory of that symlink must now be writable by root only
	(in addition to the already existing requirement that the
	symlink itself is owned by root).  This change will break
	legitimate configurations that deliver mail to a symbolic
	link in a directory with less restrictive permissions.

20080826

	Bugfix (introduced Postfix 2.4): epoll file descriptor leak.
	With Postfix >= 2.4 on Linux >= 2.6, Postfix has an epoll
	file descriptor leak when it executes non-Postfix commands
	in, for example, user-controlled $HOME/.forward files.  A
	local user can access a leaked epoll file descriptor to
	implement a denial of service attack on Postfix. Data
	confidentiality and integrity are not affected.  File:
	util/events.c.

----------------------------------------  /SNIP -----------------------------------------------

More at : ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.5.HISTORY

Best

T.L. kvantanet
Contact the package maintainer and see what he says ( or post this question on -devel )... 

JBG


begin:vcard
fn:Johann B. Gudmundsson
n:Gudmundsson;Johann B.
org:Reiknistofnun - University of Iceland;IT Management
adr:Taeknigardi;;Dunhagi 5;Reykjavik;;107;Iceland
email;internet:johannbg@xxxxx
title:Unix System Engineer RHCE,CCSA
tel;work:+3545254267
tel;fax:+3545528801
tel;pager:N/A
tel;home:N/A
tel;cell:N/A
url:www.rhi.hi.is
version:2.1
end:vcard


-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list
[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux