In my case, libspf2 is a dependent package of OpenDMARC
(Alma Linux, Rocky Linux, Oracle Linux) On Sat, 30 Sep 2023 16:47:30 -0400 Viktor Dukhovni via Postfix-users <postfix-users@postfix.org> wrote: > Recent news of security issues in Exim appear to in part implicate > libspf2. > > While Postfix does not directly use libspf2, and the issues could > perhaps be in part related to how libspf2 is integrated into Exim, it > may be prudent for Postfix administrators to audit their MTA software > stack for plugin components (milters, ...) that use libspf2, and keep an > eye out for updates. It may also be prudent to disable such components > in the meantime, if possible. > > https://lists.exim.org/lurker/message/20230930.083414.4e1a37f5.en.html > https://seclists.org/oss-sec/2023/q3/254 > https://www.zerodayinitiative.com/advisories/ZDI-23-1472/ > > -- > Viktor. > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org