Postfix is an attempt to provide an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and hopefully secure, while at the same time being sendmail compatible enough to not upset your users.
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.
Cette version contient un correctif pour CVE-2011-0411, qui permet l'injection de commandes simple texte avec des sessions SMTP sur TLS. Ce défaut a été introduit avec la version version 2.2. Le même défaut existe dans d'autres implémentations de la commande STARTTLS.
Tags:
Security, 2.7.x
This release contains a fix for CVE-2011-0411, which allows plain text command injection with SMTP sessions over TLS. This defect was introduced with Postfix version 2.2. The same flaw exists in other implementations of the STARTTLS command.
