postfix update for stable

To: debian-release@lists.debian.org
Subject: postfix update for stable
From: LaMont Jones <lamont@debian.org>
Date: Fri, 18 Sep 2009 14:16:41 -0600
Message-id: <20090918201641.GD15606@mix.mmjgroup.com>
Mail-followup-to: LaMont Jones <lamont@debian.org>, debian-release@lists.debian.org

After discussions with the affected security teams (debian and ubuntu),
postfix 2.6.5.3 was uploaded to sid, with the presumption that I would
contact -release to get the fix for my ancient screwup into the next
point release.

  * SECURITY-UPDATE: correct permissions on /var/spool/postfix/pid
    - adjust /var/spool/postfix/pid directory to be owned by root, not
      postfix.
    - CVE-2009-2930

If there is a desire to go from 2.3.8 to 2.3.19 for etch, or 2.5.5 to
2.5.9 for lenny, I'm open to that as well.  Wietse tends to be very
pedantic about what he adds in point releases.  At the same time, I
doubt that there is any critical need to do so.

thoughts?
lamont

Reply to:

Follow-Ups:
- Re: postfix update for stable
  - From: Luk Claes <luk@debian.org>

Prev by Date: Re: binNMU for samba
Next by Date: Bug#547358: destar: security buggy, dead maintainer/upstream
Previous by thread: Re: Bug#547218: debootstrap: cannot create squeeze chroot
Next by thread: Re: postfix update for stable
Index(es):
- Date
- Thread