Advisory: CLSA-2025:1738267482
OS: AlmaLinux 9.2 ESU
Public date: 2025-01-30 15:04:45
Project: postfix
Version: 3.5.9-19.el9.tuxcare.els1
Errata link: https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2025-1738267482.html
- CVE-2023-51764: Improvements for inbound SMTP smuggling defense. Reject or restrict input lines from an SMTP client that end in bare new line. Replace each stray <CR> or <LF> character in message content with a space character, to prevent outbound SMTP smuggling To prevent the SMTP smuggling vulnerability, the option "smtpd_forbid_bare_newline = reject" must be set.
Update command: dnf update postfix*
postfix-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-cdb-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-ldap-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-lmdb-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-mysql-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-pcre-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-perl-scripts-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-pgsql-3.5.9-19.el9.tuxcare.els1.x86_64.rpm postfix-sqlite-3.5.9-19.el9.tuxcare.els1.x86_64.rpm