Postfix is an attempt to provide an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and hopefully secure, while at the same time being sendmail compatible enough to not upset your users.
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.
Este comunicado contém uma correção para CVE-2011-0411, que permite a injeção de comandos de texto simples com sessões SMTP sobre TLS. Este defeito foi introduzido com o Postfix versão 2.2. A mesma falha existe em outras implementações do comando STARTTLS.
Tags:
Security, 2.7.x
This release contains a fix for CVE-2011-0411, which allows plain text command injection with SMTP sessions over TLS. This defect was introduced with Postfix version 2.2. The same flaw exists in other implementations of the STARTTLS command.
