On 10/04/17 12:08, Robert Moskowitz wrote: > This was just posted on the Postfix list. Centos 7 ships with: > postfix-2.10.1-6.el7 > > Has this cert advisory been applied to the Centos build of Postfix? > > This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed > 11 years ago in Postfix 2.2.11 and later. 2.10.1 is way later than 2.2.11, this bug was never in any version of postfix that shipped after CentOS 4. Peter