On May 11, 2015 9:38:46 AM CEST, Cristiano Deana <cristiano.de...@gmail.com> wrote: > Hi, > > this morning I got for my mailservers > > # pkg audit > postfix-2.11.4,1 is vulnerable: > postfix -- plaintext command injection with SMTP over TLS > CVE: CVE-2011-0411 > WWW: > http://vuxml.FreeBSD.org/freebsd/14a6f516-502f-11e0-b448-bbfa2731f9c7.html > > postfix-2.11.4,1 is vulnerable: > Postfix -- memory corruption vulnerability > CVE: CVE-2011-1720 > WWW: > http://vuxml.FreeBSD.org/freebsd/3eb2c100-738b-11e0-89f4-001e90d46635.html > > But this is a bug from 2011, and it's blocking new install or updates > of postfix packages. > > Who should be warned of this? > > Thank you.
Hi Cristiano, this should be fixed.meanwhile. Please run the command # pkg audit -F -- Regards, olli _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
