postfix-2.6.6-2.2.AXS4

エラータID: AXSA:2011-720:02

リリース日: 
2011/12/29 Thursday - 12:02
題名: 
postfix-2.6.6-2.2.AXS4
影響のあるチャネル: 
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity: 
Moderate
Description: 

Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS
Security issues fixed with this release:
CVE-2011-1720
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

解決策: 

Update packages.

追加情報: 

From Asianux Server 4 SP1.

ダウンロード: 

SRPMS
  1. postfix-2.6.6-2.2.AXS4.src.rpm
    MD5: 2a6656b86c55dacd8bc6bde13b7faafe
    SHA-256: 672082b66f2f00125f270412c503abbc89059ba78e8787ecd31eb444de3829b0
    Size: 3.26 MB

Asianux Server 4 for x86
  1. postfix-2.6.6-2.2.AXS4.i686.rpm
    MD5: 6771b3a3a9ed41ecad5220b649f38843
    SHA-256: 1d835e326e9e4ce07768a6662e7dbb1bf20714cf19ee45c680adb1458924bcf1
    Size: 2.03 MB

Asianux Server 4 for x86_64
  1. postfix-2.6.6-2.2.AXS4.x86_64.rpm
    MD5: 9e4f9480558c71d8f05172da8f0242b9
    SHA-256: 213004c555d1cba7d2781d9faf4cfa10bc0d453b34fb5220f59c3474922b9423
    Size: 2.03 MB