Date: Mon, 11 May 2015 09:38:46 +0200 From: Cristiano Deana <cristiano.deana@gmail.com> To: FreeBSD Stable Mailing List <freebsd-stable@freebsd.org>, freebsd-security@freebsd.org, freebsd-ports@freebsd.org Subject: Wrong security audit for mail/postfix ? Message-ID: <CAO82ECEyOzyHapBRKjrdrTobVfP5zjNGhX_uZn9Gfu7g7NzbOw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, this morning I got for my mailservers # pkg audit postfix-2.11.4,1 is vulnerable: postfix -- plaintext command injection with SMTP over TLS CVE: CVE-2011-0411 WWW: http://vuxml.FreeBSD.org/freebsd/14a6f516-502f-11e0-b448-bbfa2731f9c7.html postfix-2.11.4,1 is vulnerable: Postfix -- memory corruption vulnerability CVE: CVE-2011-1720 WWW: http://vuxml.FreeBSD.org/freebsd/3eb2c100-738b-11e0-89f4-001e90d46635.html But this is a bug from 2011, and it's blocking new install or updates of postfix packages. Who should be warned of this? Thank you. -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAO82ECEyOzyHapBRKjrdrTobVfP5zjNGhX_uZn9Gfu7g7NzbOw>