• Accepted postfix 3.5.13-0+deb11u1 (source) into proposed-updates->stabl

    From Debian FTP Masters@21:1/5 to All on Sat May 28 20:40:02 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Fri, 07 Jan 2022 00:14:16 -0500
    Source: postfix
    Architecture: source
    Version: 3.5.13-0+deb11u1
    Distribution: bullseye
    Urgency: medium
    Maintainer: LaMont Jones <[email protected]>
    Changed-By: Scott Kitterman <[email protected]>
    Closes: 926331 959864 964762 968057 988538 991513 991950 995031 995129 999694
    Changes:
    postfix (3.5.13-0+deb11u1) bullseye; urgency=medium
    .
    [Scott Kitterman]
    .
    * Update debian/watch to track v3.5 versions for stable updates
    * Refresh patches
    * Include compatibility_level in addition to postfix version when
    determining default value for chroot in master.cf. Closes: #995129
    * Fixup errors in postfix-add-* man pages. Closes: #995031
    * Update main/master.cf.proto on upgrade if not modified. Closes: #991513
    * Update d/p/70_postfix-check.diff to exclude makedefs.out from symlink
    check. Closes: #926331
    * Test that nothing is reported by postfix check in autopkgtest
    * Do not override user set default_transport in postinst. Closes: #988538
    * Add information about keeping resolv.conf up to date in the chroot with
    the resolvconf package. Closes: #964762
    .
    [Sergio Gelato]
    .
    * Correct if-up.d to not error out if postfix can't send mail yet.
    Closes: #959864
    .
    [Miriam España Acebal]
    .
    * Removed LDFLAG -Bsymbolic-functions to fix issue where TLS is disabled
    when private/tlsmgr socket is not found. lp: #1885403
    .
    [Paride Legovini]
    .
    * d/postfix.postinst: tolerate search domain with a leading dot.
    Closes: #991950
    .
    [Wietse Venema]
    .
    * 3.5.7
    - Bugfix (introduced: Postfix 3.4, already fixed in Postfix
    3.6): tlsproxy(8) was using the wrong DANE macro for
    connections with DANE trust anchors or with non-DANE trust
    anchors (WTF: Thorsten Habich found this bug in the use
    case that has nothing to do with DANE). This resulted in a
    global certificate verify function pointer race, between
    TLS handshakes that use TLS trust anchors and handshakes
    that use PKI. No memory was corrupted in the course of all
    this. Viktor Dukhovni. File: tlsproxy/tlsproxy.c.
    .
    - Cleanup: the posttls-finger '-X' option reported a false
    conflict with '-r'. File: posttls-finger/posttls-finger.c.
    .
    * 3.5.8
    - Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
    ignored table lookup errors, treating them as 'not found'.
    Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
    .
    - Bugfix (introduced: Postfix 2.3): when deleting a recipient
    with a milter, delete the recipient from the duplicate
    filter, so that the recipient can be added back. Backported
    from Postfix 3.6. Files: global/been_here.[hc],
    cleanup/cleanup_milter.c.
    .
    - Bugfix (introduced: before Postfix alpha): the code that
    looks for Delivered-To: headers ignored headers longer than
    $line_length_limit. Backported from Postfix 3.6. File:
    global/delivered_hdr.c.
    .
    - Bugfix (introduced: Postfix 2.8): save a copy of the
    postscreen_dnsbl_reply_map lookup result. This has no effect
    when the recommended texthash: lookup table is used, but it
    may avoid stale data with other lookup tables. File:
    postscreen/postscreen_dnsbl.c.
    .
    - Bugfix (introduced: Postfix 2.2): after processing an
    XCLIENT command, the smtps service was waiting for a TLS
    handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
    .
    - Bugfix (introduced: Postfix 2.3): static maps did not free
    their casefolding buffer. File: util/dict_static.c.
    .
    - Bugfix (introduced: Postfix 3.5): the Postfix SMTP client
    broke message headers longer than $line_length_limit, causing
    subsequent header content to become message body content.
    Reported by Andreas Weigel, fix by Viktor Dukhovni. File:
    smtp/smtp_proto.c.
    .
    * 3.5.9
    - Feature: when a Postfix program makes a DNS query that
    requests DNSSEC validation (usually for Postfix DANE support)
    but the DNS response is not DNSSEC validated, Postfix will
    send a DNS query configured with the "dnssec_probe" parameter
    to determine if DNSSEC support is available, and logs a
    warning if it is not. By default, the probe has type "ns"
    and domain name ".". The probe is sent once per process
    lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c,
    test_dns_lookup.c, global/mail_params.[hc], mantools/postlink.
    .
    - The default "smtp_tls_dane_insecure_mx_policy = dane" was
    causing unnecessary dnssec_probe activity. The default is now
    "dane" when smtp_tls_security_level is "dane", otherwise it is
    "may". File: global/mail_params.h.
    .
    * 3.5.10
    - Missing null pointer checks (introduced: Postfix 3.4) after
    an internal I/O error during the smtp(8) to tlsproxy(8)
    handshake. Found by Coverity, reported by Jaroslav Skarvada.
    Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
    .
    - Null pointer bug (introduced: Postfix 3.0) and memory leak
    (introduced: Postfix 3.4) after an inline: table syntax
    error in main.cf or master.cf. Found by Coverity, reported
    by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
    util/dict_inline.c.
    .
    - Incomplete null pointer check (introduced: Postfix 2.10)
    after truncated HaProxy version 1 handshake message. Found
    by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
    Dukhovni. File: global/haproxy_srvr.c.
    .
    - Missing null pointer check (introduced: Postfix alpha) after
    null argv[0] value. File: global/mail_task.c.
    .
    * 3.5.11
    - Bugfix (introduced: Postfix 2.11): the command "postmap
    lmdb:/file/name" handled duplicate keys ungracefully,
    discarding entries stored up to and including the duplicate
    key, and causing a double free() call with lmdb versions
    0.9.17 and later. Reported by Adi Prasaja; double free()
    root cause analysis by Howard Chu. File: util/slmdb.c.
    .
    - Typo (introduced: Postfix 3.4): silent_discard should be
    silent-discard. File: proto/BDAT_README.html.
    .
    - Support for Postfix 3.6 compatibility_level syntax, to avoid
    fatal runtime errors when rolling back from Postfix 3.6 to
    an earlier supported version, or when sharing Postfix 3.6
    configuration files with an earlier supported Postfix
    version. File: global/mail_params.c.
    .
    * 3.5.12
    - Bugfix (introduced: Postfix 3.4): the texthash: map
    implementation did not support "postmap -F" behavior.
    Reported by Christopher Gurnee, who also found the missing
    code in the postmap source. File: util/dict_thash.c.
    .
    - Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too
    large" (ERANGE) errors because an strtol() call had no 'errno
    = 0' statement before the call. Back-ported from Postfix 3.6.
    Files: postscreen/postscreen_tests.c, util/mac_expand.c.
    .
    - Bugfix (introduced: Postfix 3.3): "null pointer read" error
    in the cleanup daemon when "header_from_format = standard"
    (the default as of Postfix 3.3) and email was submitted
    with /usr/sbin/sendmail without From: header, and an all-space
    full name was specified in 1) the password file, 2) with
    "sendmail -F", or 3) with the NAME environment variable.
    Found by Renaud Metrich. File: cleanup/cleanup_message.c.
    (Closes: #968057)
    .
    - Bugfix (introduced: 1999): the Postfix SMTP server was
    sending all session transcripts to the error_notice_recipient,
    instead of sending transcripts of bounced mail to the
    bounce_notice_recipient. File: smtpd/smtpd_chat.c.
    .
    - Bugfix (introduced: Postfix 2.4): false "too many reverse
    jump" warnings in the showq daemon. The loop detection code
    was comparing memory addresses instead of queue file names.
    It now properly compares strings. Reported by Mehmet Avcioglu.
    File: global/record.c.
    .
    * 3.5.13
    - Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c.
    .
    - Bugfix (bug introduced: Postfix 2.10): postconf -x produced
    incorrect output, because different functions were implicitly
    sharing a buffer for intermediate results. Reported
    by raf, root cause analysis by Viktor Dukhovni. File:
    postconf/postconf_builtin.c.
    .
    - Bugfix (problem introduced: Postfix 2.11): check_ccert_access
    worked as expected, but produced a spurious warning when
    Postfix was built without SASL support. Fix by Brad Barden.
    File: smtpd/smtpd_check.c.
    .
    - Bugfix (introduced: Postfix 2.4): queue file corruption
    after a Milter (for example, MIMEDefang) made a request to
    replace the message body with a copy of that message body
    plus additional text (for example, a SpamAssassin report).
    .
    The most likely impacts were a) the queue manager reporting
    a fatal error resulting in email delivery delays, or b) the
    queue manager reporting the corruption and moving the message
    to the corrupt queue for damaged messages.
    .
    However, a determined adversary could craft an email message
    that would trigger the bug, and insert a content filter
    destination or a redirect email address into its queue file.
    Postfix would then deliver the message headers there, in
    most cases without delivering the message body. With enough
    experimentation, an attacker could make Postfix deliver
    both the message headers and body.
    .
    The details of a successful attack depend on the Milter
    implementation, and on the Postfix and Milter configuration
    details; these can be determined remotely through
    experimentation. Failed experiments may be detected when
    the queue manager terminates with a fatal error, or when
    the queue manager moves damaged files to the "corrupt" queue
    as evidence.
    .
    Technical details: when Postfix executes a "replace body"
    Milter request it will reuse queue file storage that was
    used by the existing email message body. If the new body
    is larger, Postfix will append body content to the end of
    the queue file. The corruption happened when a Milter (for
    example, MIMEDefang) made a request to replace the body of
    a message with a new body that contained a copy of the
    original body plus some new text, and the original body
    contained a line longer than $line_length_limit bytes (for
    example, an image encoded in base64 without hard or soft
    line breaks). In queue files, Postfix stores a long text
    line as multiple records with up to $line_length_limit bytes
    each. Unfortunately, Postfix's "replace body" support did
    not account for the additional queue file space needed to
    store the second etc. record headers. And thus, the last
    record(s) of a long text line could overwrite one or more
    queue file records immediately after the space that was
    previously occupied by the original message body.
    .
    Problem report by Benoît Panizzon.
    .
    * Fix duplicate bounce_notice_recipient entries in postconf output.
    Closes: #999694

    -----BEGIN PGP SIGNATURE-----

    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
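
The space accounting error described under "Technical details" in the 3.5.13 entry, as an added example that is not part of the original announcement and is not Postfix source code. It assumes a simplified record layout (one type byte, a length field holding 7 bits per byte, then the data) and the default line_length_limit of 2048; all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model (assumption): each queue file record costs one type
 * byte, a length field with 7 payload bits per byte, then the data. */
static size_t rec_header_len(size_t data_len)
{
    size_t n = 2;                       /* type byte + first length byte */
    while ((data_len >>= 7) != 0)
        n++;
    return n;
}

/* Space actually needed: a long line becomes several records of at most
 * `limit` bytes, and every one of them carries its own header. */
size_t space_needed(size_t line_len, size_t limit)
{
    size_t total = 0;
    do {
        size_t chunk = line_len > limit ? limit : line_len;
        total += rec_header_len(chunk) + chunk;
        line_len -= chunk;
    } while (line_len > 0);
    return total;
}

/* Flawed estimate described in the changelog: only the first record
 * header is counted, the "second etc." headers are forgotten. */
size_t space_estimated(size_t line_len, size_t limit)
{
    size_t first = line_len > limit ? limit : line_len;
    return rec_header_len(first) + line_len;
}

/* Bytes that land past the reserved region, on the records after it. */
size_t overrun(size_t line_len, size_t limit)
{
    return space_needed(line_len, limit) - space_estimated(line_len, limit);
}

int main(void)
{
    size_t limit = 2048;                /* default line_length_limit */
    size_t lens[] = { 76, 2048, 2049, 100000 };  /* constructed samples */
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("line %6zu: needed %6zu, overrun %zu\n", lens[i],
               space_needed(lens[i], limit), overrun(lens[i], limit));
    return 0;
}
```

Lines at or below the limit show no overrun in this model; the discrepancy appears only once a line spills into a second record and grows with each additional record.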