similar to: Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2

On 10/04/17 12:08, Robert Moskowitz wrote: > This was just posted on the Postfix list. Centos 7 ships with: > postfix-2.10.1-6.el7 > > Has this cert advisory been applied to the Centos build of Postfix? > > This is an exploit for Postfix 2.0 - 2.2, for a bug that was fixed > 11 years ago in Postfix 2.2.11 and later. 2.10.1 is way later than 2.2.11, this bug was never in

There's a big thread about filesystems on postfix-users@postfix.org Could you shed some light on that issue? ----- Forwarded message from Wietse Venema <wietse@porcupine.org> ----- From: wietse@porcupine.org (Wietse Venema) Date: Sun, 3 Feb 2002 07:53:26 -0500 (EST) To: Lawrence Greenfield <leg+@andrew.cmu.edu> Cc: Wietse Venema <wietse@porcupine.org>,

On Mon, Oct 19, 2015 at 11:28:04AM +0200, Florent B wrote: > Have you read this article from ars technica ? > > http://arstechnica.com/security/2015/10/how-the-nsa-can-break-trillions-of-encrypted-web-and-vpn-connections/ Yes. > What I understand is that 1024-bits Diffie-Hellman keys are broken by NSA. More precisely, they can spend a lot of effort to break Diffie-Hellman for a

> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > > Hello and good evening. > > Sorry for responding so late, it is midsummer and i spend as much > time as possible on the outside (bicycle, mostly). (Just one more > day, then 10 degrees colder!!) > > I Cc: Wietse Venema, because i quote a message of him. > (this is "set

I have tried compiling wine versions 1.2.1, 1.2.2, and 1.3.12 on caos NSA 0.9 x86_64. All versions have the same behavior when I try to compile them. During configuration I get configure: error: FreeType 32-bit development files not found. Fonts will not be built. Use the --without-freetype option if you really want this. This occurs even though freetype.i386, and freetype-devel.i386 are

Hello and good evening. Sorry for responding so late, it is midsummer and i spend as much time as possible on the outside (bicycle, mostly). (Just one more day, then 10 degrees colder!!) I Cc: Wietse Venema, because i quote a message of him. (this is "set quote-add-cc" here.) Aki Tuomi wrote in <84881193.5398.1597934431687 at appsuite-dev-gw2.open-xchange.com>: The dovecot

In response to my request for postfix to support dovecot auth arguments I got the forwarded reply. If someone gets around to this before me I won't be offended. ------------ Story is I deployed a webmail with certificate based authentication that substitutes a global master password (http://wiki.dovecot.org/Authentication/MasterUsers) when the certificate matches. The webmail accesses

postfix-users seems to be a subscription only list. I'd recommend incorporating TDMA <http://tdma.sf.net/> to allow for easy discussion by outsiders Andrew Morton (of ext3 fame) had sent this message to postfix-users list I am forwarding so that Wietse can hopefully provide the definitive answer to the question Andrew Morton/Stephen Tweedie seek ----- Forwarded message from Andrew

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hi, well, swift response! Qualcomm has a patched qpopper (2.5) Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> ---------- Forwarded message ---------- Date: Mon, 29 Jun 1998 21:43:18 -0700 From: Praveen Yaramada <pyaramad@QUALCOMM.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Patched Qpopper2.5 release Notification. Hello Folks, As you are already aware that qpopper

A little over a week ago I posted asking about setting up a linux box between an existing router and a switch in order to provide firewall service to a subnet of machines. I was curious what experience others had with this type of setup in terms of machines, configurations, and the appropriateness of using linux in this manner. There were basically three issues discussed in replies: hardware

On Mon, December 8, 2014 20:01, Daniel J Walsh wrote: > > rpm -q selinux-policy > > selinux-policy-3.7.19-260.el6 is the current policy in development. >> Thank you. >>>> #============= postfix_showq_t ============== >>>> allow postfix_showq_t tmp_t:dir read; >>> Any reason postfix would be listing the contents of /tmp or /var/tmp? >>>

> On 21/08/2020 17:56 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > > > Aki Tuomi wrote in > <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: > |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: > ... > |> Wietse Venema wrote in > |> <4BXSTk189nzJrP3 at spike.porcupine.org>: >

-------- Original-Nachricht -------- Betreff: STARTTLS bug - background story Datum: Mon, 7 Mar 2011 15:08:09 -0500 (EST) Von: Wietse Venema <wietse at porcupine.org> An: Postfix users <postfix-users at postfix.org> CERT/CC announces a flaw today in multiple STARTTLS implementations. This problem was silently fixed in Postfix 2.8 and 2.9. Updates for Postfix 2.[4-7] are made available

I just had a remote root break-in on my machine (x86 running Red Hat Linux 5.0 with all the updates except for kernel-2.0.32-3) this morning at 06:03:28 EDT. From what I''ve been able to gather, it appears to have been through snmpd, which I missed when I was weeding out unused daemons. Sorry for the feeble message, but all I know (or at least strongly suspect) is that there''s a

Hi all, I have a question about a multi-homed Samba file server and interoperability with AD. It's a bit complicated, so please bear with me. I've been running Samba 4.11.6 as an AD server (two DCs) for a while (in RFC2307 mode) in a mixed Windows/Linux environment. I have a server running Proxmox (Debian) with Samba 4.9.5 and it is sharing my huge ZFS volume via Samba to Windows

Aki Tuomi wrote in <1907575568.4364.1597984769802 at appsuite-dev-gw1.open-xchange.com>: |> On 21/08/2020 02:17 Steffen Nurpmeso <steffen at sdaoden.eu> wrote: ... |> Wietse Venema wrote in |> <4BXSTk189nzJrP3 at spike.porcupine.org>: |> ... |>|Steffen Nurpmeso: |> ... |>|> until SASL says it is done?!. How could EXTERNAL ever work

Hallo All, After updating Windows 10 to the latest versions i can confirm Windows 10 is also unable to change passwords. I found this information: https://support.microsoft.com/en-us/kb/3167679 ---- Known issues in this security update This security update disables the ability of the Negotiate process to fall back to NTLM when Kerberos authentication fails for password change operations.

Salve, I''m protecting hades with the tcpd wrappers and had no problems so far, at least none that I noticed. Today happend something strange. An attacker got a connect on a protected port from a not allowed IP: > Unusual System Events > =-=-=-=-=-=-=-=-=-=-= BTW, thanks for that tool. > Jul 1 03:34:56 hades in.null[18321]: twist > slip139-92-93-124.hol.ch.ibm.net to

On 13/05/2020 18:52, David Lomax via samba wrote: > Hi all, > > I have a question about a multi-homed Samba file server and interoperability > with AD. It's a bit complicated, so please bear with me. Your problem is probably because your DC knows your Samba ADS client by its 192.168.42.0/24 Ipaddress. Also, why only use 10G on part of your network, surely the network speed