Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-642-1: Postfix vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-642-1: Postfix vulnerabilities
# 1  
Old 09-10-2008
USN-642-1: Postfix vulnerabilities
Referenced CVEs:
CVE-2008-3889


Description:
=========================================================== Ubuntu Security Notice USN-642-1 September 10, 2008 postfix vulnerabilities CVE-2008-3889 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: postfix 2.4.5-3ubuntu1.3 Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands. A local attacker could exploit this to cause Postfix to run out of descriptors, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

postfix-nochroot

postfix-nochroot(8)					      System Manager's Manual					       postfix-nochroot(8)

NAME

       postfix-nochroot - change /etc/postfix/master.cf to not use chroot

SYNOPSIS

       postfix-nochroot

DESCRIPTION

       Renames /etc/postfix/master.cf to /etc/postfix/master.cf.bak and creates a new /etc/postfix/master.cf file with every service configured to
       not use chroot.	Every modified line is commented.  It also restarts Postfix (to apply the change) and rmoves the unused chroot directories
       /var/spool/postfix/{etc,lib,usr} .

       Using a chroot environment makes upgrades more difficult and gets in the way when running SE Linux (without actually providing any security
       benefit in a SE Linux system).

SEE ALSO

       selinux(8),  sestatus(8),   selinuxenabled(1),	check-selinux-installation(8),	 selinux-config-enforcing(8),	selinux-policy-upgrade(8),
       http://wiki.debian.org/SELinux  - More about SELinux Debian install, http://etbe.coker.com.au/tag/selinux/ - Russell's SE Linux blog posts,
       http://etbe.coker.com.au/2008/08/02/postfix-and-chroot/ - post about this script.

AUTHOR

       This program and it's man page was written by Russell Coker <russell@coker.com.au> for the Debian system (but may be used by others).  Per-
       mission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 3.

       On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL-3.

															       postfix-nochroot(8)