Recent news of security issues in Exim appear to in part implicate
libspf2.
While Postfix does not directly use libspf2, and the issues could
perhaps be in part related to how libspf2 is integrated into Exim, it
may be prudent for Postfix administrators to audit their MTA software
stack for plugin components (milters, ...) that use libspf2, and keep an
eye out for updates. It may also be prudent to disable such components
in the meantime, if possible.
https://lists.exim.org/lurker/message/20230930.083414.4e1a37f5.en.html
https://seclists.org/oss-sec/2023/q3/254
https://www.zerodayinitiative.com/advisories/ZDI-23-1472/
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
