PostSRSd before 1.11 allows a denial of service (subprocess hang) if Postfix sends certain long data fields such as multiple concatenated email addresses. NOTE: the PostSRSd maintainer acknowledges theoretically, this error should never occur … Im not sure if theres a reliable way to trigger this condition by an external attacker, but it is a security bug in PostSRSd nevertheless.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Postsrsd | Postsrsd_project | * | 1.11 (excluding) |
| Postsrsd | Ubuntu | bionic | * |
| Postsrsd | Ubuntu | devel | * |
| Postsrsd | Ubuntu | esm-apps/bionic | * |
| Postsrsd | Ubuntu | esm-apps/focal | * |
| Postsrsd | Ubuntu | esm-apps/jammy | * |
| Postsrsd | Ubuntu | esm-apps/noble | * |
| Postsrsd | Ubuntu | focal | * |
| Postsrsd | Ubuntu | groovy | * |
| Postsrsd | Ubuntu | hirsute | * |
| Postsrsd | Ubuntu | impish | * |
| Postsrsd | Ubuntu | jammy | * |
| Postsrsd | Ubuntu | kinetic | * |
| Postsrsd | Ubuntu | lunar | * |
| Postsrsd | Ubuntu | mantic | * |
| Postsrsd | Ubuntu | noble | * |
| Postsrsd | Ubuntu | oracular | * |
| Postsrsd | Ubuntu | trusty | * |
| Postsrsd | Ubuntu | upstream | * |
| Postsrsd | Ubuntu | xenial | * |