Postfix Mail Transport Agent
Upstream note:
* Bugfix (defect introduced: Postfix 2.3, date: 20050323): buffer
over-read when Postfix an enhanced status code is not followed
by other text. For example, "5.7.2" without text after the
three-number code. This CANNOT be triggered with an SMTP or
LMTP server response; is confirmed with an access(5) table and
likely with a policy server response; can possibly be triggered
with pipe-to-command output, header_checks(5), body_checks(5),
an error(8) transport in transport_maps, or a milter response;
and is confirmed with a DNSBL server TXT response while Postfix
is configured with "$rbl_code $rbl_text" in rbl_reply_maps or
default_rbl_reply. This could result in process termination.
Problem reported by Kamil Frankowicz.
Resolves-Vulnerability: CVE-2026-43964
Resolves: RHEL-176547
|
||
|---|---|---|
| .fmf | ||
| .gitignore | ||
| ci.fmf | ||
| gating.yaml | ||
| pflogsumm-1.1.5-datecalc.patch | ||
| pflogsumm-1.1.5-ipv6-warnings-fix.patch | ||
| pflogsumm-1.1.5-syslog-name-underscore-fix.patch | ||
| plans.fmf | ||
| postfix-3.3.3-alternatives.patch | ||
| postfix-3.4.0-files.patch | ||
| postfix-3.4.4-chroot-example-fix.patch | ||
| postfix-3.8.0-config.patch | ||
| postfix-3.8.0-large-fs.patch | ||
| postfix-3.8.5-openssl-no-engine.patch | ||
| postfix-3.8.5-rhel-remove-version-mismatch-warning.patch | ||
| postfix-3.8.16-CVE-2026-43964.patch | ||
| postfix-aliases | ||
| postfix-chroot-update | ||
| postfix-etc-init.d-postfix | ||
| postfix-pam.conf | ||
| postfix-sasl.conf | ||
| postfix.aliasesdb | ||
| postfix.service | ||
| postfix.spec | ||
| postfix.sysusers | ||
| README-Postfix-SASL-RedHat.txt | ||
| sources | ||