----------------------------------------------------------------------- Debian Stable Updates Announcement SUA 249-1 https://www.debian.org debian-release@lists.debian.org Scott Kitterman December 29th, 2023 ----------------------------------------------------------------------- Package : postfix Version : 3.7.9-0+deb12u1 [bookworm] : 3.5.23-0+deb11u1 [bullseye] Importance : medium Postfix is a high-performance mail transport agent. This update consists of recommended upstream bug fixes since the versions in bullseye and bookworm. In particular, a fix for CVE-2023-51764 (SMTP smuggling) requires a configuration change to take full effect. The configuration change is not done automatically to avoid causing issues with existing installations. Users should consult the relevant Postfix documentation [1] before setting "smtpd_forbid_bare_newline = yes" in the main.cf file. 1: https://www.postfix.org/smtp-smuggling.html Upgrade Instructions -------------------- You can get the updated packages by adding the stable-updates archive for your distribution to your /etc/apt/sources.list: deb https://deb.debian.org/debian bookworm-updates main deb-src https://deb.debian.org/debian bookworm-updates main or deb https://deb.debian.org/debian bullseye-updates main deb-src https://deb.debian.org/debian bullseye-updates main You can also use any of the Debian archive mirrors. See https://www.debian.org/mirrors/list for the full list of mirrors. For further information about stable-updates, please refer to https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html If you encounter any issues, please don't hesitate to get in touch with the Debian Release Team at debian-release@lists.debian.org
Attachment:
signature.asc
Description: PGP signature