Am 03.03.2016 um 19:29 Uhr schrieb Viktor Dukhovni:
Postfix 2.6 and later, with the recommended settings is sufficient, but it is recommended that you also deploy OpenSSL 1.0.1s or 1.0.2g, or your O/S vendor's "equivalent" update.It is sadly common to selectively backport fixes without changing the version number, so look for updates that address the DROWN-related CVEs: CVE-2016-0800, CVE-2016-0703, CVE-2015-3197.
Thank you! Marc
