A series of critical vulnerabilities in Postfix, the popular mail transfer agent, have been discovered, raising concerns about potential security breaches. The vulnerabilities, classified as allowing the “Contournement de la politique de sécurité” (Bypass of security policy), affect Postfix versions prior to 3.8.4, 3.7.9, 3.6.13, and 3.5.23.
Security experts have identified that these vulnerabilities could be exploited by attackers to circumvent established security policies, posing a serious threat to systems using vulnerable Postfix versions.
To mitigate these risks, it is strongly advised for users to promptly refer to the security bulletin issued by Postfix on December 20, 2023, and apply the necessary patches. The security updates are available for Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23.