A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
postfix
The problem can be corrected by upgrading the affected package to version 2.1.3-1ubuntu17.1. In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available (which is the case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup" was enabled in the "smtpd_recipient_restrictions", Postfix turned into an open relay, i. e. erroneously permitted the delivery of arbitrary mail to any MX host which has an IPv6 address.