Fedora 9 Update: postfix-2.5.5-1.fc9
Summary
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL),
TLS
New upstream patch level version 2.5.5, including multiple security fixes
detailed in upstream announcements:
http://www.postfix.org/announcements/20080814.html
http://www.postfix.org/announcements/20080902.html
* Wed Sep 17 2008 Thomas Woerner
- new version 2.5.5
fixes CVE-2008-2936, CVE-2008-2937 and CVE-2008-3889 (rhbz#459101)
* Thu Aug 28 2008 Tom "spot" Callaway
- fix license tag
* Thu Aug 14 2008 Thomas Woerner
- fixed postfix privilege problem with symlinks in the mail spool directory
(CVE-2008-2936) (rhbz#459100)
* Mon May 19 2008 Dennis Gilmore
- rebuild for sparc
[ 1 ] Bug #456347 - CVE-2008-2937 postfix improper mailbox permissions
https://bugzilla.redhat.com/show_bug.cgi?id=456347
[ 2 ] Bug #456314 - CVE-2008-2936 postfix privilege escalation flaw
https://bugzilla.redhat.com/show_bug.cgi?id=456314
[ 3 ] Bug #460906 - CVE-2008-3889 postfix: local DoS via leaked file descriptor
https://bugzilla.redhat.com/show_bug.cgi?id=460906
su -c 'yum update postfix' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
FEDORA-2008-8593 2008-10-09 04:46:39 Product : Fedora 9 Version : 2.5.5 Release : 1.fc9 URL : http://www.postfix.org Summary : Postfix Mail Transport Agent Description : Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS New upstream patch level version 2.5.5, including multiple security fixes detailed in upstream announcements: http://www.postfix.org/announcements/20080814.html http://www.postfix.org/announcements/20080902.html * Wed Sep 17 2008 Thomas Woerner 2:2.5.5-1 - new version 2.5.5 fixes CVE-2008-2936, CVE-2008-2937 and CVE-2008-3889 (rhbz#459101) * Thu Aug 28 2008 Tom "spot" Callaway 2:2.5.1-4 - fix license tag * Thu Aug 14 2008 Thomas Woerner 2:2.5.1-3 - fixed postfix privilege problem with symlinks in the mail spool directory (CVE-2008-2936) (rhbz#459100) * Mon May 19 2008 Dennis Gilmore 2:2.5.1-2.1 - rebuild for sparc [ 1 ] Bug #456347 - CVE-2008-2937 postfix improper mailbox permissions https://bugzilla.redhat.com/show_bug.cgi?id=456347 [ 2 ] Bug #456314 - CVE-2008-2936 postfix privilege escalation flaw https://bugzilla.redhat.com/show_bug.cgi?id=456314 [ 3 ] Bug #460906 - CVE-2008-3889 postfix: local DoS via leaked file descriptor https://bugzilla.redhat.com/show_bug.cgi?id=460906 su -c 'yum update postfix' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Change Log
References