New Postfix packages that fix two potential security issues are now available.
Postfix is a Mail Transport Agent (MTA). Two security issues have been found in Postfix that affect the Postfix packages in Red Hat Linux 7.3, 8.0, and 9. Postfix versions before 1.1.12 allow an attacker to bounce-scan private networks, or use the daemon as a DDoS tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by analyzing timing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to this issue. Postfix versions from 1.1 up to and including 1.1.12 have a bug where a remote attacker could send a malformed envelope address and: 1) cause the queue manager to lock up until an entry is removed from the queue or, 2) lock up the SMTP listener, leading to a DoS. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0540 to this issue. Users of Postfix are advised to upgrade to these erratum packages, which contain a version of Postfix 1.1.12 with the addition of a security patch and is not vulnerable to either of these issues. Red Hat would like to thank Michal Zalewski for discovering and disclosing the flaws and to Wietse Venema for providing patches.