Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 81024 - mail-mta/postfix ipv6 open relay issue
Summary: mail-mta/postfix ipv6 open relay issue
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.ubuntulinux.org/support/do...
Whiteboard: B4 [noglsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2005-02-06 13:11 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2007-06-24 23:33 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-02-06 13:11:28 UTC 
Jean-Samuel Reynaud noticed a programming error in the IPv6 handling
code of Postfix when /proc/net/if_inet6 is not available (which is the
case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup"
was enabled in the "smtpd_recipient_restrictions", Postfix turned into
an open relay, i. e. erroneously permitted the delivery of arbitrary
mail to any MX host which has an IPv6 address.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-02-06 13:15:29 UTC 
Tuan committed postfix-2.1.5-r2 with ipv6 patches version 1.26.

Security please vote on GLSA. I tend to vote NO.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-02-07 10:53:19 UTC 
Reopneing for stable marking. Thx Tuan.

Arches please test and mark stable.
Comment 3 Gustavo Zacarias (RETIRED) gentoo-dev 2005-02-07 11:17:30 UTC 
sparc stable.
removing mips too since it was done by `kumba yesterday.
Comment 4 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-02-07 11:56:39 UTC 
Stable on ppc.
Comment 5 Bryan Østergaard (RETIRED) gentoo-dev 2005-02-09 02:39:49 UTC 
Stable on alpha.
Comment 6 Simon Stelling (RETIRED) gentoo-dev 2005-02-10 08:00:03 UTC 
amd64 stable
Comment 7 Thierry Carrez (RETIRED) gentoo-dev 2005-02-10 09:01:57 UTC 
GLSA vote... I would tend to vote NO too, but I'm lazy. Let's hear a third opinion.
Comment 8 Thierry Carrez (RETIRED) gentoo-dev 2005-02-11 07:24:19 UTC 
Voting a full NO and closing then. It's more a bug than anything... Reopen if you disagree.
Comment 9 René Nussbaumer (RETIRED) gentoo-dev 2005-06-26 05:54:14 UTC 
Already stable on hppa