CentOS Update for postfix CESA-2008:0839 centos3 i386

Solution
Please Install the Updated Packages.
Insight
Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), and TLS. A flaw was found in the way Postfix dereferences symbolic links. If a local user has write access to a mail spool directory with no root mailbox, it may be possible for them to append arbitrary data to files that root has write permission to. (CVE-2008-2936) Red Hat would like to thank Sebastian Krahmer for responsibly disclosing this issue. All users of postfix should upgrade to these updated packages, which contain a backported patch that resolves this issue.
Affected
postfix on CentOS 3
References