On Wed, Apr 09, 2014 at 07:05:50PM -0400, Ian Evans wrote:
> Thanks for this. Since many touch their email servers far less than their
> postfix configs, is there a list of files we absolutely have to check for
> SSL issues?
Apply the absolutely most recent patch level of whichever OpenSSL
library ships with your system, and always do so promptly. Don't
procrastinate on security patches.
Not sure what you mean about "list of files". Postfix uses libssl
and libcrypto, which are typically dynamically linked so the required
updates are for the two shared libraries in question (in this case
libssl, but they are generally installed/upgraded together).
--
Viktor.
