LaMont Jones wrote: Sorry for the late reply.
> After discussions with the affected security teams (debian and ubuntu), > postfix 2.6.5.3 was uploaded to sid, with the presumption that I would > contact -release to get the fix for my ancient screwup into the next > point release. > > * SECURITY-UPDATE: correct permissions on /var/spool/postfix/pid > - adjust /var/spool/postfix/pid directory to be owned by root, not > postfix. > - CVE-2009-2930 > > If there is a desire to go from 2.3.8 to 2.3.19 for etch, or 2.5.5 to > 2.5.9 for lenny, I'm open to that as well. Wietse tends to be very > pedantic about what he adds in point releases. At the same time, I > doubt that there is any critical need to do so. > > thoughts? Feel free to upload. Cheers Luk -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
