A Veracode scan reported the following vulnerabilites in postfix 3.0.1: vulnerability module source Buffer Over Flow dnsblog home/.../src/dns/dns_rr.c Buffer Over Flow smtpd home/.../src/tls/tls_scache.c Numeric Errors dnsblog home/.../src/dns/dns_rr.c 262 Numeric Errors dnsblog home/.../src/dns/dns_rr.c 302 Numeric Errors dnsblog home/.../src/dns/dns_strtype.c 207 Numeric Errors smtpd home/.../src/tls/tls_dane.c 1291
I do not see these being reported in the mailing list previously. Are these are real vulnerabilities or false positives? Thanks Mc. -- View this message in context: http://postfix.1071664.n5.nabble.com/Veracode-reported-vulnerabilities-tp87320.html Sent from the Postfix Users mailing list archive at Nabble.com.
