Описание
Security update for postfix
This update for postfix fixes the following issues:
- CVE-2023-51764: Fixed SMTP smuggling attack (bsc#1218304).
Список пакетов
Image SLES15-SP4-Manager-Server-4-3
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
postfix-3.5.9-150300.5.15.1
SUSE Enterprise Storage 7.1
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
postfix-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
SUSE Linux Enterprise Module for Legacy 15 SP4
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
SUSE Linux Enterprise Module for Server Applications 15 SP4
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Real Time 15 SP4
postfix-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Server 15 SP3-LTSS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Server 15 SP4-LTSS
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Manager Proxy 4.3
postfix-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
SUSE Manager Server 4.3
postfix-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
openSUSE Leap 15.4
postfix-3.5.9-150300.5.15.1
postfix-bdb-3.5.9-150300.5.15.1
postfix-bdb-lmdb-3.5.9-150300.5.15.1
postfix-devel-3.5.9-150300.5.15.1
postfix-doc-3.5.9-150300.5.15.1
postfix-ldap-3.5.9-150300.5.15.1
postfix-mysql-3.5.9-150300.5.15.1
postfix-postgresql-3.5.9-150300.5.15.1
Ссылки
- Link for SUSE-SU-2024:0012-1
- E-Mail link for SUSE-SU-2024:0012-1
- SUSE Security Ratings
- SUSE Bug 1218304
- SUSE Bug 1218314
- SUSE CVE CVE-2023-51764 page
Описание
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
Затронутые продукты
Image SLES15-SP4-Manager-Server-4-3-Azure-llc:postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd:postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:postfix-3.5.9-150300.5.15.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:postfix-3.5.9-150300.5.15.1
Ссылки
- CVE-2023-51764
- SUSE Bug 1218304