On Fri, Apr 15, 2011 at 01:56:05PM +0200, Alexander Gr?ner wrote:
> Hi,
>
> just learned about http://support.novell.com/security/cve/ and especially
> http://support.novell.com/security/cve/CVE-2011-0411.html.
>
> Just for future requests...
>
> Answer from Novell "The updates for this issue are in QA and will be
> released to the update channels in the next week."
Note that, while the CVE applies to and was discovered in Postfix,
there are other products in scope, in particular at least qmail, and
other servers or clients that implement starttls. It is not clear to me
that vendors (not picking on Novell or SuSE specifically) have applied
due diligence to all relevant products...
--
Viktor.
