Portauditに"postfix – memory corruption vulnerability“と警告された.
“Memory corruption in Postfix SMTP server Cyrus SASL support (CVE-2011-1720)”(Postfix Discussion ML),
The Postfix SMTP server has a memory corruption error when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN (the ANONYMOUS mechanism is unaffected but should not be enabled for different reasons).の件だったので,自宅サーバのPostfixを2.6.10に更新した…
(snip)
The problem is fixed in Postfix stable releases 2.5.13, 2.6.10, 2.7.4, 2.8.3; in the Postfix 2.9 development release as of May 1, 2011; patches exist for Postfix version 1.1 and later.