Format: 1.7
Date: Fri, 15 Apr 2011 10:55:16 -0400
Source: postfix
Binary: postfix-doc postfix-pgsql postfix-ldap postfix-dev postfix-pcre postfix postfix-mysql
Architecture: all i386
Version: 2.2.10-1ubuntu0.3
Distribution: dapper
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@rothera.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 postfix    - A high-performance mail transport agent
 postfix-dev - Postfix loadable modules development environment
 postfix-doc - Postfix documentation
 postfix-ldap - LDAP map support for Postfix
 postfix-mysql - MYSQL map support for Postfix
 postfix-pcre - PCRE map support for Postfix
 postfix-pgsql - PGSQL map support for Postfix
Changes: 
 postfix (2.2.10-1ubuntu0.3) dapper-security; urgency=low
 .
   * SECURITY UPDATE: man-in-the-middle via plaintext command injection
     - debian/patches/CVE-2011-0411.dpatch: Discard the contents of the
       stream buffer so there is no pending plaintext in
       src/smtp/smtp_proto.c, src/smtpd/smtpd.c. Backport vstream_fpurge()
       in src/util/vstream.*.
     - CVE-2011-0411
   * SECURITY UPDATE: symlink attack via incorrect pid dir permissions
     - debian/postfix.postinst: create pid dir with appropriate permissions.
     - CVE-2009-2939
Files: 
 4e42bbf23e1b73f74f9cc210445c3abd 923558 mail extra postfix_2.2.10-1ubuntu0.3_i386.deb
 7da344306bcfb839abf8140b4023c1da 39776 mail extra postfix-ldap_2.2.10-1ubuntu0.3_i386.deb
 1239fa768cdd6b1c67148432a75d0108 35078 mail extra postfix-pcre_2.2.10-1ubuntu0.3_i386.deb
 5e638bb89b158a4f5d324b590efccf0e 35618 mail extra postfix-mysql_2.2.10-1ubuntu0.3_i386.deb
 188142ba6ba641ab9e675fc06092cd21 35442 mail extra postfix-pgsql_2.2.10-1ubuntu0.3_i386.deb
 97f417d77210b5efa7c6365878fbee72 111294 devel extra postfix-dev_2.2.10-1ubuntu0.3_all.deb
 f7e394dcfb0da0adc5a6050f777a6fc6 666058 doc extra postfix-doc_2.2.10-1ubuntu0.3_all.deb