Advisories
Mandriva Advisories
|
 |
| Problem Description |
Wietse Venema, the author of postfix, reported a vulnerability in the
SMTP server where a remote attacker could execute a Denial of Service
attack on it. The SMTP session log could grow to an unreasonable
size and could possibly exhause the server's memory if no other limits
were enforced.
| Updated Packages |
Mandrakelinux 7.1
d681cb80239631ba2ed0c287aa66a778 7.1/RPMS/postfix-19991231-6.1mdk.i586.rpm 3601ac46596dadf8b022cccd241001b1 7.1/SRPMS/postfix-19991231-6.1mdk.src.rpm
Mandrakelinux 7.2
f4ab1a1053e6b9b883128e5f6fb8a654 7.2/RPMS/postfix-19991231_pl08-5.1mdk.i586.rpm d6245d5a737ccefc12985752a7e84c88 7.2/SRPMS/postfix-19991231_pl08-5.1mdk.src.rpm
Mandrakelinux 8.0
c5ceac6dc1e16f70d17cd368e14bd6a4 8.0/RPMS/postfix-20010228-6.1mdk.i586.rpm b75273ca2170acc22b2674c617655e1b 8.0/SRPMS/postfix-20010228-6.1mdk.src.rpm
Mandrakelinux 8.0/PPC
d95f258bbd8fd97307f6072b97f20aea ppc/8.0/RPMS/postfix-20010228-6.1mdk.ppc.rpm b75273ca2170acc22b2674c617655e1b ppc/8.0/SRPMS/postfix-20010228-6.1mdk.src.rpm
Mandrakelinux 8.1
e5a8b7703cb3340522bc232a03a64716 8.1/RPMS/postfix-20010228-15.1mdk.i586.rpm c21968344242a581e71569bf22be0859 8.1/SRPMS/postfix-20010228-15.1mdk.src.rpm
Corporate Server 1.0.1
d681cb80239631ba2ed0c287aa66a778 1.0.1/RPMS/postfix-19991231-6.1mdk.i586.rpm 3601ac46596dadf8b022cccd241001b1 1.0.1/SRPMS/postfix-19991231-6.1mdk.src.rpm
| References |
http://online.securityfocus.com/bid/3544
http://www.securityfocus.com/archive/1/240354
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.