Login
Newsletter
Werbung

Sicherheit: Denial of Service in postfix
Aktuelle Meldungen Distributionen
Name: Denial of Service in postfix
ID: TLSA-2008-33
Distribution: TurboLinux
Plattformen: Turbolinux Client 2008, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition
Datum: Fr, 12. September 2008, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3889
Applikationen: Postfix

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2008-33
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 11 Sep 2008
Last revised: 11 Sep 2008

Package: postfix

Summary: Postfix denial of service

More information:
Postfix is a Mail Transport Agent (MTA).

A vulnerability in Postfix 2.4 and later was discovered, when running on
Linux kernel 2.6,
where a local user could cause a denial of service due to Postfix leaking
the epoll
file descriptor when executing non-Postfix commands (CVE-2008-3889).

Affected Products:
- Turbolinux Client 2008
- Turbolinux Appliance Server 3.0 x64 Edition
- Turbolinux Appliance Server 3.0
- Turbolinux 11 Server x64 Edition
- Turbolinux 11 Server
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server


<Turbolinux Client 2008>

Source Packages
Size: MD5

postfix-2.5.3-2.src.rpm
3236416 53382b9262caf2ec3db0ce791b4fd436

Binary Packages
Size: MD5

postfix-2.5.3-2.i586.rpm
3975003 262208699ab1b14d12e103fc3e15c359
postfix-pflogsumm-2.5.3-2.i586.rpm
45263 7d74e4843ced2df8c6c1fb32fed628ff

<Turbolinux Appliance Server 3.0 x64 Edition>

Source Packages
Size: MD5

postfix-2.4.5-10.src.rpm
3012322 7b825c1683bff4b71c1c2496b6110891

Binary Packages
Size: MD5

postfix-2.4.5-10.x86_64.rpm
3979763 ff246a034f21ddf14e611f8f128c7ef1
postfix-pflogsumm-2.4.5-10.x86_64.rpm
46176 c5c8393e0924d5cc781056aaba1d0a70

<Turbolinux Appliance Server 3.0>

Source Packages
Size: MD5

postfix-2.4.5-10.src.rpm
3012322 7b825c1683bff4b71c1c2496b6110891

Binary Packages
Size: MD5

postfix-2.4.5-10.i686.rpm
3523430 ef4dcab18c5708435ee5879a9ac81bc4
postfix-pflogsumm-2.4.5-10.i686.rpm
46459 e3c43cc6777ee4d15579960ca8ec5a4b

<Turbolinux 11 Server x64 Edition>

Source Packages
Size: MD5

postfix-2.4.5-10.src.rpm
3012322 7b825c1683bff4b71c1c2496b6110891

Binary Packages
Size: MD5

postfix-2.4.5-10.x86_64.rpm
3979763 ff246a034f21ddf14e611f8f128c7ef1
postfix-pflogsumm-2.4.5-10.x86_64.rpm
46176 c5c8393e0924d5cc781056aaba1d0a70

<Turbolinux 11 Server>

Source Packages
Size: MD5

postfix-2.4.5-10.src.rpm
3012322 7b825c1683bff4b71c1c2496b6110891

Binary Packages
Size: MD5

postfix-2.4.5-10.i686.rpm
3523430 ef4dcab18c5708435ee5879a9ac81bc4
postfix-pflogsumm-2.4.5-10.i686.rpm
46459 e3c43cc6777ee4d15579960ca8ec5a4b


References:

CVE
[CVE-2008-3889]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3889

--------------------------------------------------------------------------
Revision History
11 Sep 2008 Initial release
--------------------------------------------------------------------------

Copyright(C) 2008 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkjI/VYACgkQK0LzjOqIJMzTIACfZRIjFe2Nd9hRdrtUGRb+8M50
PoAAniIlQUdvcCThbU1VBoPGLzTfjW3e
=4Jbf
-----END PGP SIGNATURE-----
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung