USN-74-1: Postfix vulnerability
Posted on: 02/04/2005 04:53 AM

A Postfix security update has been released for Ubuntu Linux 4.10

Ubuntu Security Notice USN-74-1 February 04, 2005
postfix vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to version 2.1.3-1ubuntu17.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available (which is the case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup" was enabled in the "smtpd_recipient_restrictions", Postfix turned into an open relay, i. e. erroneously permitted the delivery of arbitrary mail to any MX host which has an IPv6 address.

Source archives:
Size/MD5: 411105 ebec5936210e45ace9340f8222d80b7c
Size/MD5: 864 07856f476ec0b61011def96d4516c118
Size/MD5: 1971632 1f515b0d80cd1f9db0113240bf36f248

Architecture independent packages:
Size/MD5: 97046 79e78142e88c18575899580bf9b16ca0
Size/MD5: 643972 e2e331623971c0b0f45970586ff7a083

amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 35436 4bbea082d8d7d5ac5b1ea6f7d6cf8fa0
Size/MD5: 31328 08e3729b757df658b99a56e50e9a9d5f
Size/MD5: 30904 7ea9aafc438c944ffcd18ae32805e660
Size/MD5: 31636 ba7382b65df65cba401b2cb1ad051a68
Size/MD5: 156534 b46680cedf669bd7ed9e90bd34d6ca91
Size/MD5: 820506 bb67674c0e0c5bde0be5e506596cb033

i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 34718 959a134b3d0b74faa0b56ded62ed005b
Size/MD5: 30826 50142456894a4bc49447f83392257ef6
Size/MD5: 30538 bb84db9e33c6b8da8b0dd99603425587
Size/MD5: 31098 606592256cfeda5aa28605185c44e66e
Size/MD5: 143034 09192e5964ca3b7d237e4c476b0ffb53
Size/MD5: 763490 0160158cb855957e0176a006176eb8c0

powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 36572 0a88dc7ab945722c44994c850b36dc09
Size/MD5: 32724 880fbe7900ad95803eb1d9d0e26a1cf4
Size/MD5: 32456 9946903ac57e73a22c159053be39c44d
Size/MD5: 33024 850289233b4d68d1e8dcb8a347fc6cd9
Size/MD5: 152468 d9e01c2eb71815f2da46870f0fa7353f
Size/MD5: 826188 77ed80d8e59e914124fc6bbafd07c3b2

Printed from Linux Compatible (