[CentOS] Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
Peter
peter at pajamian.dhs.org
Mon Apr 10 00:13:54 UTC 2017
On 10/04/17 12:08, Robert Moskowitz wrote:
> This was just posted on the Postfix list. Centos 7 ships with:
> postfix-2.10.1-6.el7
>
> Has this cert advisory been applied to the Centos build of Postfix?
>
> This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed
> 11 years ago in Postfix 2.2.11 and later.
2.10.1 is way later than 2.2.11, this bug was never in any version of
postfix that shipped after CentOS 4.
Peter
More information about the CentOS
mailing list