USN-8253-2

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-8253-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8253-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-8253-2

Upstream

CVE-2026-43964

UBUNTU-CVE-2026-43964

Published

2026-06-03T20:22:56Z

Modified

2026-06-04T02:18:10.600102479Z

Summary

postfix vulnerability

Details

USN-8253-1 fixed a vulnerability in Postfix. This update provides the corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

Original advisory details:

Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes. A remote attacker could possibly use this issue to cause Postfix to crash, resulting in a denial of service.

References

Affected packages

Ubuntu:Pro:14.04:LTS / postfix

Package

Name: postfix
Purl: pkg:deb/ubuntu/postfix?arch=source&distro=esm-infra-legacy%2Ftrusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.11.0-1ubuntu1.2+esm4

Affected versions

2.*

2.10.2-1

2.10.2-1build1

2.11.0-1

2.11.0-1ubuntu1

2.11.0-1ubuntu1.2

2.11.0-1ubuntu1.2+esm2

2.11.0-1ubuntu1.2+esm3

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix"
        },
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix-cdb"
        },
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix-ldap"
        },
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix-mysql"
        },
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix-pcre"
        },
        {
            "binary_version": "2.11.0-1ubuntu1.2+esm4",
            "binary_name": "postfix-pgsql"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8253-2.json"

cves_map

{
    "ecosystem": "Ubuntu:Pro:14.04:LTS",
    "cves": []
}

Ubuntu:Pro:16.04:LTS / postfix

Package

Name: postfix
Purl: pkg:deb/ubuntu/postfix?arch=source&distro=esm-infra-legacy%2Fxenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.0-3ubuntu0.4+esm4

Affected versions

2.*

2.11.3-1ubuntu2

2.11.3-1ubuntu3

3.*

3.0.4-1ubuntu1

3.0.4-2

3.0.4-3

3.0.4-5

3.0.4-5build1

3.1.0-3

3.1.0-3ubuntu0.1

3.1.0-3ubuntu0.2

3.1.0-3ubuntu0.3

3.1.0-3ubuntu0.4

3.1.0-3ubuntu0.4+esm2

3.1.0-3ubuntu0.4+esm3

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix"
        },
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix-cdb"
        },
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix-ldap"
        },
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix-mysql"
        },
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix-pcre"
        },
        {
            "binary_version": "3.1.0-3ubuntu0.4+esm4",
            "binary_name": "postfix-pgsql"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8253-2.json"

cves_map

{
    "ecosystem": "Ubuntu:Pro:16.04:LTS",
    "cves": []
}

Ubuntu:Pro:18.04:LTS / postfix

Package

Name: postfix
Purl: pkg:deb/ubuntu/postfix?arch=source&distro=esm-infra%2Fbionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.0-1ubuntu0.4+esm4

Affected versions

3.*

3.2.3-1

3.2.3-1build1

3.2.4-1

3.2.5-1

3.2.5-1build1

3.3.0-1

3.3.0-1ubuntu0.1

3.3.0-1ubuntu0.2

3.3.0-1ubuntu0.3

3.3.0-1ubuntu0.4

3.3.0-1ubuntu0.4+esm2

3.3.0-1ubuntu0.4+esm3

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-cdb"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-ldap"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-lmdb"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-mysql"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-pcre"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-pgsql"
        },
        {
            "binary_version": "3.3.0-1ubuntu0.4+esm4",
            "binary_name": "postfix-sqlite"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8253-2.json"

cves_map

{
    "ecosystem": "Ubuntu:Pro:18.04:LTS",
    "cves": []
}

Ubuntu:Pro:20.04:LTS / postfix

Package

Name: postfix
Purl: pkg:deb/ubuntu/postfix?arch=source&distro=esm-infra%2Ffocal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.4.13-0ubuntu1.4+esm1

Affected versions

3.*

3.4.5-1ubuntu1

3.4.7-1

3.4.7-2

3.4.8-1

3.4.9-1

3.4.10-1

3.4.10-1ubuntu1

3.4.13-0ubuntu1

3.4.13-0ubuntu1.1

3.4.13-0ubuntu1.2

3.4.13-0ubuntu1.3

3.4.13-0ubuntu1.4

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-cdb"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-ldap"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-lmdb"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-mysql"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-pcre"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-pgsql"
        },
        {
            "binary_version": "3.4.13-0ubuntu1.4+esm1",
            "binary_name": "postfix-sqlite"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8253-2.json"

cves_map

{
    "ecosystem": "Ubuntu:Pro:20.04:LTS",
    "cves": []
}