Package name
postfix
Date
2011-03-16
Advisory ID
MDVSA-2011:045
Affected versions
2009.0 x86_64 , MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problem description

A security flaw was discovered in postfix which allows plaintext
command injection with SMTP sessions over TLS (CVE-2011-0411).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Updated packages

2009.0 x86_64

 73053818f39aba0ee0bece7ab997b07c  2009.0/x86_64/lib64postfix1-2.5.5-4.2mdv2009.0.x86_64.rpm
 c0e3c04bfd70acc0ee09e7413b3a3400  2009.0/x86_64/postfix-2.5.5-4.2mdv2009.0.x86_64.rpm
 435fe07232bf307882a1589bc1ccca22  2009.0/x86_64/postfix-ldap-2.5.5-4.2mdv2009.0.x86_64.rpm
 4d1d018487d1c3328cd425d220136a6f  2009.0/x86_64/postfix-mysql-2.5.5-4.2mdv2009.0.x86_64.rpm
 e7bd9b102319bc1ed4cdda27edaf26e2  2009.0/x86_64/postfix-pcre-2.5.5-4.2mdv2009.0.x86_64.rpm
 7051b04bff45730a0268c5b311361111  2009.0/x86_64/postfix-pgsql-2.5.5-4.2mdv2009.0.x86_64.rpm 
 b27d3f6b20b11f71fd54d0f50a8a4b47  2009.0/SRPMS/postfix-2.5.5-4.2mdv2009.0.src.rpm

MES5 i586

 9c50578bd954be2ea42e6f3f3131cc9c  mes5/i586/libpostfix1-2.5.5-4.2mdvmes5.2.i586.rpm
 bca22f9be6e6bef4e02f2ffb4623d2e3  mes5/i586/postfix-2.5.5-4.2mdvmes5.2.i586.rpm
 45cfa7336d29cddca1ac07270d2b8287  mes5/i586/postfix-ldap-2.5.5-4.2mdvmes5.2.i586.rpm
 87d4b942fefedc239a213b3ce5715cf0  mes5/i586/postfix-mysql-2.5.5-4.2mdvmes5.2.i586.rpm
 b3caf9572b69e757b9697139bb0ed5d8  mes5/i586/postfix-pcre-2.5.5-4.2mdvmes5.2.i586.rpm
 bde845f9957e2ead0e398c5bebef6f79  mes5/i586/postfix-pgsql-2.5.5-4.2mdvmes5.2.i586.rpm 
 8ad3739bcdf5297b2dddfb4e289049d9  mes5/SRPMS/postfix-2.5.5-4.2mdvmes5.2.src.rpm

2010.0 x86_64

 0282b58fb34ab310a8e66cda1792da37  2010.0/x86_64/lib64postfix1-2.6.5-2.1mdv2010.0.x86_64.rpm
 644f3b20cfed1b5e57ef53a7ef94898a  2010.0/x86_64/postfix-2.6.5-2.1mdv2010.0.x86_64.rpm
 16b27a49a3dcae6fa520c3cb24b2f69b  2010.0/x86_64/postfix-ldap-2.6.5-2.1mdv2010.0.x86_64.rpm
 9e60217b6e8adc9a0e286df835f9d695  2010.0/x86_64/postfix-mysql-2.6.5-2.1mdv2010.0.x86_64.rpm
 8594b10f400395fff17ffda26e9e3b3d  2010.0/x86_64/postfix-pcre-2.6.5-2.1mdv2010.0.x86_64.rpm
 e63fb8c5794ce971488898af1d537f36  2010.0/x86_64/postfix-pgsql-2.6.5-2.1mdv2010.0.x86_64.rpm 
 e3748479ec6c93be12808e26e6b0fa55  2010.0/SRPMS/postfix-2.6.5-2.1mdv2010.0.src.rpm

2010.1 i586

 19ee5b6c6a18c73ccf1d74e20f89759d  2010.1/i586/libpostfix1-2.7.0-4.1mdv2010.2.i586.rpm
 7a468df2b451f6972c38faf1f60ad8af  2010.1/i586/postfix-2.7.0-4.1mdv2010.2.i586.rpm
 a814f84c61afd93f3416c69d993afd7a  2010.1/i586/postfix-cdb-2.7.0-4.1mdv2010.2.i586.rpm
 f6f7f9492ab304d28f8aa4bfc653ca1e  2010.1/i586/postfix-ldap-2.7.0-4.1mdv2010.2.i586.rpm
 8013bafd20881dd85b3be95529be848d  2010.1/i586/postfix-mysql-2.7.0-4.1mdv2010.2.i586.rpm
 145c8551dc1c51b071d1f3f992f8e638  2010.1/i586/postfix-pcre-2.7.0-4.1mdv2010.2.i586.rpm
 8f0d058eda66267085cbe5a7f5133b60  2010.1/i586/postfix-pgsql-2.7.0-4.1mdv2010.2.i586.rpm 
 c90d8220b74b39ce44a4b9dfe8876783  2010.1/SRPMS/postfix-2.7.0-4.1mdv2010.2.src.rpm

2010.0 i586

 f83a569908244de2e04f13c5e9cbc29a  2010.0/i586/libpostfix1-2.6.5-2.1mdv2010.0.i586.rpm
 b28f60198223458fe7a8b9c92d9901c1  2010.0/i586/postfix-2.6.5-2.1mdv2010.0.i586.rpm
 1572c433ec62d49970a250050da98ed7  2010.0/i586/postfix-ldap-2.6.5-2.1mdv2010.0.i586.rpm
 2aeb9f3d82b97e4314b3f8d6500a244a  2010.0/i586/postfix-mysql-2.6.5-2.1mdv2010.0.i586.rpm
 2d93c886dda73832ee8b96961e0cc316  2010.0/i586/postfix-pcre-2.6.5-2.1mdv2010.0.i586.rpm
 544853ecd21ca236324418232b59d206  2010.0/i586/postfix-pgsql-2.6.5-2.1mdv2010.0.i586.rpm 
 e3748479ec6c93be12808e26e6b0fa55  2010.0/SRPMS/postfix-2.6.5-2.1mdv2010.0.src.rpm

2009.0 i586

 eb607fe6834ded296aec54851a3bd56c  2009.0/i586/libpostfix1-2.5.5-4.2mdv2009.0.i586.rpm
 76a18eb7f7627ba5489137eb592d0c8b  2009.0/i586/postfix-2.5.5-4.2mdv2009.0.i586.rpm
 61c70b9d189f68276601d724e8444d9f  2009.0/i586/postfix-ldap-2.5.5-4.2mdv2009.0.i586.rpm
 24255918008338487798ea647860484e  2009.0/i586/postfix-mysql-2.5.5-4.2mdv2009.0.i586.rpm
 e4d4db07cb302b3072f78097f84e1b87  2009.0/i586/postfix-pcre-2.5.5-4.2mdv2009.0.i586.rpm
 ebd9879c9c773c3d57375809c696f517  2009.0/i586/postfix-pgsql-2.5.5-4.2mdv2009.0.i586.rpm 
 b27d3f6b20b11f71fd54d0f50a8a4b47  2009.0/SRPMS/postfix-2.5.5-4.2mdv2009.0.src.rpm

CS4.0 i586

 6b7d62433679d20ae3b5cdf2668019e7  corporate/4.0/i586/libpostfix1-2.3.5-0.4.20060mlcs4.i586.rpm
 c5d4cbc67d00e0ea8b32c6598d6d65f0  corporate/4.0/i586/postfix-2.3.5-0.4.20060mlcs4.i586.rpm
 287daadea040f15c1e25a6de77a438b2  corporate/4.0/i586/postfix-ldap-2.3.5-0.4.20060mlcs4.i586.rpm
 aac87a567ae68c48d4e8226429b35697  corporate/4.0/i586/postfix-mysql-2.3.5-0.4.20060mlcs4.i586.rpm
 c331a8061b0c5a6639c633d608e37871  corporate/4.0/i586/postfix-pcre-2.3.5-0.4.20060mlcs4.i586.rpm
 25ce650233120a54e830c120f773f715  corporate/4.0/i586/postfix-pgsql-2.3.5-0.4.20060mlcs4.i586.rpm 
 f2f060fddbb666572eca06ae47e36a3a  corporate/4.0/SRPMS/postfix-2.3.5-0.4.20060mlcs4.src.rpm

CS4.0 x86_64

 45b683c80b3006c3df5144bfe0fede86  corporate/4.0/x86_64/lib64postfix1-2.3.5-0.4.20060mlcs4.x86_64.rpm
 fc82cfcdbf89c059b6850edfa049128f  corporate/4.0/x86_64/postfix-2.3.5-0.4.20060mlcs4.x86_64.rpm
 7057754d88c8146d235d3ab96fd64d2f  corporate/4.0/x86_64/postfix-ldap-2.3.5-0.4.20060mlcs4.x86_64.rpm
 872c28155eb6276ba0fd1001387ffac7  corporate/4.0/x86_64/postfix-mysql-2.3.5-0.4.20060mlcs4.x86_64.rpm
 644747748d18077fc63aa740c2947768  corporate/4.0/x86_64/postfix-pcre-2.3.5-0.4.20060mlcs4.x86_64.rpm
 19b2a209beade7e6e25de6d0f3cb4b6d  corporate/4.0/x86_64/postfix-pgsql-2.3.5-0.4.20060mlcs4.x86_64.rpm 
 f2f060fddbb666572eca06ae47e36a3a  corporate/4.0/SRPMS/postfix-2.3.5-0.4.20060mlcs4.src.rpm

MES5 x86_64

 d920df80c9fdbcb64a9c50d265acd7e8  mes5/x86_64/lib64postfix1-2.5.5-4.2mdvmes5.2.x86_64.rpm
 1d09a25b69b76b2c013bac182c0e456d  mes5/x86_64/postfix-2.5.5-4.2mdvmes5.2.x86_64.rpm
 0afe348155bee4af965ec616d86a9219  mes5/x86_64/postfix-ldap-2.5.5-4.2mdvmes5.2.x86_64.rpm
 db4e476a96f489d957610fb1ff7c6f9e  mes5/x86_64/postfix-mysql-2.5.5-4.2mdvmes5.2.x86_64.rpm
 6ce0428271de05b3bb2d2e430c3281a3  mes5/x86_64/postfix-pcre-2.5.5-4.2mdvmes5.2.x86_64.rpm
 32468daeee58b727ce1c85adcc2b364c  mes5/x86_64/postfix-pgsql-2.5.5-4.2mdvmes5.2.x86_64.rpm 
 8ad3739bcdf5297b2dddfb4e289049d9  mes5/SRPMS/postfix-2.5.5-4.2mdvmes5.2.src.rpm

2010.1 x86_64

 0a9207a9e00cce2e656ff248513d5bc3  2010.1/x86_64/lib64postfix1-2.7.0-4.1mdv2010.2.x86_64.rpm
 3e2cc9ea2bf3d6979d5c6a5b3ec9b54a  2010.1/x86_64/postfix-2.7.0-4.1mdv2010.2.x86_64.rpm
 c8c5efad63b597b3d3a0aec3c5027ffa  2010.1/x86_64/postfix-cdb-2.7.0-4.1mdv2010.2.x86_64.rpm
 71d9a4095514c72494c4f02d2696b619  2010.1/x86_64/postfix-ldap-2.7.0-4.1mdv2010.2.x86_64.rpm
 8865fea8796435b2d715bf0d89c4530f  2010.1/x86_64/postfix-mysql-2.7.0-4.1mdv2010.2.x86_64.rpm
 784960a49889f3fce8a308842321d8e8  2010.1/x86_64/postfix-pcre-2.7.0-4.1mdv2010.2.x86_64.rpm
 dc50ccda7bfb1a1f7f673bc251f14683  2010.1/x86_64/postfix-pgsql-2.7.0-4.1mdv2010.2.x86_64.rpm 
 c90d8220b74b39ce44a4b9dfe8876783  2010.1/SRPMS/postfix-2.7.0-4.1mdv2010.2.src.rpm

References