Login
Newsletter
Werbung
Sicherheit: Denial of Service in postfix
Aktuelle Meldungen Distributionen
Name: Denial of Service in postfix
ID: TLSA-2008-33
Distribution: TurboLinux
Plattformen: Turbolinux Client 2008, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition
Datum: Fr, 12. September 2008, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3889
Applikationen: Postfix

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2008-33
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 11 Sep 2008
 Last revised: 11 Sep 2008

 Package: postfix

 Summary: Postfix denial of service 

 More information:
    Postfix is a Mail Transport Agent (MTA).

    A vulnerability in Postfix 2.4 and later was discovered, when running on
 Linux kernel 2.6,
    where a local user could cause a denial of service due to Postfix leaking
 the epoll
    file descriptor when executing non-Postfix commands (CVE-2008-3889).

 Affected Products:
    - Turbolinux Client 2008
    - Turbolinux Appliance Server 3.0 x64 Edition
    - Turbolinux Appliance Server 3.0
    - Turbolinux 11 Server x64 Edition
    - Turbolinux 11 Server
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server


 <Turbolinux Client 2008>

   Source Packages
   Size: MD5

   postfix-2.5.3-2.src.rpm
      3236416 53382b9262caf2ec3db0ce791b4fd436

   Binary Packages
   Size: MD5

   postfix-2.5.3-2.i586.rpm
      3975003 262208699ab1b14d12e103fc3e15c359
   postfix-pflogsumm-2.5.3-2.i586.rpm
        45263 7d74e4843ced2df8c6c1fb32fed628ff

 <Turbolinux Appliance Server 3.0 x64 Edition>

   Source Packages
   Size: MD5

   postfix-2.4.5-10.src.rpm
      3012322 7b825c1683bff4b71c1c2496b6110891

   Binary Packages
   Size: MD5

   postfix-2.4.5-10.x86_64.rpm
      3979763 ff246a034f21ddf14e611f8f128c7ef1
   postfix-pflogsumm-2.4.5-10.x86_64.rpm
        46176 c5c8393e0924d5cc781056aaba1d0a70

 <Turbolinux Appliance Server 3.0>

   Source Packages
   Size: MD5

   postfix-2.4.5-10.src.rpm
      3012322 7b825c1683bff4b71c1c2496b6110891

   Binary Packages
   Size: MD5

   postfix-2.4.5-10.i686.rpm
      3523430 ef4dcab18c5708435ee5879a9ac81bc4
   postfix-pflogsumm-2.4.5-10.i686.rpm
        46459 e3c43cc6777ee4d15579960ca8ec5a4b

 <Turbolinux 11 Server x64 Edition>

   Source Packages
   Size: MD5

   postfix-2.4.5-10.src.rpm
      3012322 7b825c1683bff4b71c1c2496b6110891

   Binary Packages
   Size: MD5

   postfix-2.4.5-10.x86_64.rpm
      3979763 ff246a034f21ddf14e611f8f128c7ef1
   postfix-pflogsumm-2.4.5-10.x86_64.rpm
        46176 c5c8393e0924d5cc781056aaba1d0a70

 <Turbolinux 11 Server>

   Source Packages
   Size: MD5

   postfix-2.4.5-10.src.rpm
      3012322 7b825c1683bff4b71c1c2496b6110891

   Binary Packages
   Size: MD5

   postfix-2.4.5-10.i686.rpm
      3523430 ef4dcab18c5708435ee5879a9ac81bc4
   postfix-pflogsumm-2.4.5-10.i686.rpm
        46459 e3c43cc6777ee4d15579960ca8ec5a4b


 References:

 CVE
   [CVE-2008-3889]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3889

 --------------------------------------------------------------------------
 Revision History
    11 Sep 2008 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2008 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkjI/VYACgkQK0LzjOqIJMzTIACfZRIjFe2Nd9hRdrtUGRb+8M50
PoAAniIlQUdvcCThbU1VBoPGLzTfjW3e
=4Jbf
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung