Postfix Mail Transport Agent
65ef400c89
Upstream note:
* Bugfix (defect introduced: Postfix 2.3, date: 20050323): buffer
over-read when Postfix an enhanced status code is not followed
by other text. For example, "5.7.2" without text after the
three-number code. This CANNOT be triggered with an SMTP or
LMTP server response; is confirmed with an access(5) table and
likely with a policy server response; can possibly be triggered
with pipe-to-command output, header_checks(5), body_checks(5),
an error(8) transport in transport_maps, or a milter response;
and is confirmed with a DNSBL server TXT response while Postfix
is configured with "$rbl_code $rbl_text" in rbl_reply_maps or
default_rbl_reply. This could result in process termination.
Problem reported by Kamil Frankowicz.
Resolves-Vulnerability: CVE-2026-43964
Resolves: RHEL-176548
|
||
|---|---|---|
| .gitignore | ||
| EMPTY | ||
| gating.yaml | ||
| pflogsumm-1.1.5-datecalc.patch | ||
| pflogsumm-1.1.5-ipv6-warnings-fix.patch | ||
| pflogsumm-1.1.5-syslog-name-underscore-fix.patch | ||
| postfix-3.3.3-alternatives.patch | ||
| postfix-3.4.0-files.patch | ||
| postfix-3.4.0-large-fs.patch | ||
| postfix-3.4.4-chroot-example-fix.patch | ||
| postfix-3.5.0-config.patch | ||
| postfix-3.5.8-back-compat-3.3.1.patch | ||
| postfix-3.5.8-makedefs.patch | ||
| postfix-3.5.8-SRV-resolve.patch | ||
| postfix-3.5.8-whitespace-name-fix.patch | ||
| postfix-3.8.16-CVE-2026-43964.patch | ||
| postfix-chroot-update | ||
| postfix-pam.conf | ||
| postfix-sasl.conf | ||
| postfix.aliasesdb | ||
| postfix.service | ||
| postfix.spec | ||
| README-Postfix-SASL-RedHat.txt | ||
| README-RedHat.txt | ||
| sources | ||