Advisories » MGASA-2024-0029

Updated postfix packages fix a security vulnerability

Publication date: 09 Feb 2024
Modification date: 08 Feb 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-51764

Description

Postfix has been updated to fix smtp smuggling, an email spoofing attack
that involves a composition of email services with specific differences
in the way they handle line endings other than .
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32647
• https://www.postfix.org/smtp-smuggling.html
• https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51764

SRPMS

9/core

• postfix-3.8.4-1.mga9