Home > Security > Advisories


Mandriva Advisories

Package name postfix
Date November 29th, 2001
Advisory ID MDKSA-2001:089
Affected versions 7.1, 7.2, 8.0, 8.1, CS1.0
Synopsis Updated postfix packages fix potential remote DoS

Problem Description

Wietse Venema, the author of postfix, reported a vulnerability in the
SMTP server where a remote attacker could execute a Denial of Service
attack on it. The SMTP session log could grow to an unreasonable
size and could possibly exhause the server's memory if no other limits
were enforced.

Updated Packages

Mandrakelinux 7.1

 d681cb80239631ba2ed0c287aa66a778  7.1/RPMS/postfix-19991231-6.1mdk.i586.rpm
3601ac46596dadf8b022cccd241001b1  7.1/SRPMS/postfix-19991231-6.1mdk.src.rpm

Mandrakelinux 7.2

 f4ab1a1053e6b9b883128e5f6fb8a654  7.2/RPMS/postfix-19991231_pl08-5.1mdk.i586.rpm
d6245d5a737ccefc12985752a7e84c88  7.2/SRPMS/postfix-19991231_pl08-5.1mdk.src.rpm

Mandrakelinux 8.0

 c5ceac6dc1e16f70d17cd368e14bd6a4  8.0/RPMS/postfix-20010228-6.1mdk.i586.rpm
b75273ca2170acc22b2674c617655e1b  8.0/SRPMS/postfix-20010228-6.1mdk.src.rpm

Mandrakelinux 8.0/PPC

 d95f258bbd8fd97307f6072b97f20aea  ppc/8.0/RPMS/postfix-20010228-6.1mdk.ppc.rpm
b75273ca2170acc22b2674c617655e1b  ppc/8.0/SRPMS/postfix-20010228-6.1mdk.src.rpm

Mandrakelinux 8.1

 e5a8b7703cb3340522bc232a03a64716  8.1/RPMS/postfix-20010228-15.1mdk.i586.rpm
c21968344242a581e71569bf22be0859  8.1/SRPMS/postfix-20010228-15.1mdk.src.rpm

Corporate Server 1.0.1

 d681cb80239631ba2ed0c287aa66a778  1.0.1/RPMS/postfix-19991231-6.1mdk.i586.rpm
3601ac46596dadf8b022cccd241001b1  1.0.1/SRPMS/postfix-19991231-6.1mdk.src.rpm




To upgrade automatically, use MandrivaUpdate.


Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.