From b4e9907563126d44f5077534a2ea3e7e22a2605b58325cef0d867f5b5695efec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Str=C3=B6der?= Date: Mon, 8 Nov 2021 14:00:32 +0000 Subject: [PATCH 1/8] Accepting request 930186 from home:stroeder:network Update to 3.6.3 OBS-URL: https://build.opensuse.org/request/show/930186 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=431 --- postfix-3.6.2.tar.gz | 3 --- postfix-3.6.2.tar.gz.asc | 7 ------- postfix-3.6.3.tar.gz | 3 +++ postfix-3.6.3.tar.gz.asc | 7 +++++++ postfix-bdb.changes | 27 +++++++++++++++++++++++++-- postfix-bdb.spec | 2 +- postfix.changes | 26 +++++++++++++++++++++++++- postfix.spec | 2 +- 8 files changed, 62 insertions(+), 15 deletions(-) delete mode 100644 postfix-3.6.2.tar.gz delete mode 100644 postfix-3.6.2.tar.gz.asc create mode 100644 postfix-3.6.3.tar.gz create mode 100644 postfix-3.6.3.tar.gz.asc diff --git a/postfix-3.6.2.tar.gz b/postfix-3.6.2.tar.gz deleted file mode 100644 index a1e14b0..0000000 --- a/postfix-3.6.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:507323d20d7b3f705f49cf8c07d437c6d8090bed07e15a3c0ec405edad54a7d4 -size 4749530 diff --git a/postfix-3.6.2.tar.gz.asc b/postfix-3.6.2.tar.gz.asc deleted file mode 100644 index e549a3d..0000000 --- a/postfix-3.6.2.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.18 (FreeBSD) - -iFcDBQBg/KW0DAtZDoDKFacRCv6ZAP93+1Bi+iPb24MFzjxHAuT0VjvNpYxgKPrp -GRhhUcs8tAD/Y0ghKWq8Ra8Gk9UHePI0PwD8jqCbt4m3mWAIfyqKh7w= -=e01E ------END PGP SIGNATURE----- diff --git a/postfix-3.6.3.tar.gz b/postfix-3.6.3.tar.gz new file mode 100644 index 0000000..4601d1e --- /dev/null +++ b/postfix-3.6.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0f1241d456a0158e0c418abf62c52c2ff83f8f1dcf2fbdd4c40765b67789b1bc +size 4750833 diff --git a/postfix-3.6.3.tar.gz.asc b/postfix-3.6.3.tar.gz.asc new file mode 100644 index 0000000..7d01732 --- /dev/null +++ b/postfix-3.6.3.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.18 (FreeBSD) + +iFcDBQBhiF8ADAtZDoDKFacRCgTdAP9HMzPu7mChw/m/Dr9fVdKDzsfXyDJWH9de +GiQhIb1EwgD8CssWozyzEzMlFzGzEgbV462MGeoS7QJhRoY58cONOJo= +=orD1 +-----END PGP SIGNATURE----- diff --git a/postfix-bdb.changes b/postfix-bdb.changes index 71c78ee..d8d9261 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Mon Nov 8 10:26:56 UTC 2021 - Michael Ströder + +- Update to 3.6.3 + * (problem introduced in Postfix 2.4, released in 2007): queue + file corruption after a Milter (for example, MIMEDefang) made + a request to replace the message body with a copy of that message + body plus additional text (for example, a SpamAssassin report). + * (problem introduced in Postfix 2.10, released in 2012): The + postconf "-x" option could produce incorrect output, because + multiple functions were implicitly sharing a buffer for + intermediate results. Problem report by raf, root cause analysis + by Viktor Dukhovni. + * (problem introduced in Postfix 2.11, released in 2013): The + check_ccert_access feature worked as expected, but produced a + spurious warning when Postfix was built without SASL support. + Fix by Brad Barden. + * Fix for a compiler warning due to a missing 'const' qualifier + when compiling Postfix with OpenSSL 3. Depending on compiler + settings this could cause the build to fail. + * The known_tcp_ports settings had no effect. It also wasn't fully + implemented. Problem report by Peter. + * Fix for missing space between a hostname and warning text. + ------------------------------------------------------------------- Fri Oct 22 09:45:40 UTC 2021 - Dirk Stoecker @@ -30,7 +54,7 @@ Thu Aug 26 13:59:42 UTC 2021 - Peter Varkoly Adapt master.cf patch ------------------------------------------------------------------- -Tue Aug 24 09:55:02 UTC 2021 - Peter Varkoly +Tue Aug 24 09:55:42 UTC 2021 - Peter Varkoly - postfix fails with glibc 2.34 Define HAS_CLOSEFROM @@ -5319,4 +5343,3 @@ Mon Oct 9 13:54:13 CEST 2000 - choeger@suse.de Mon Oct 9 11:48:39 CEST 2000 - choeger@suse.de - inititial revision of pfixtls - diff --git a/postfix-bdb.spec b/postfix-bdb.spec index 60fee46..59624f7 100644 --- a/postfix-bdb.spec +++ b/postfix-bdb.spec @@ -56,7 +56,7 @@ %endif %bcond_without ldap Name: postfix-bdb -Version: 3.6.2 +Version: 3.6.3 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 diff --git a/postfix.changes b/postfix.changes index 0f62028..d8d9261 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Mon Nov 8 10:26:56 UTC 2021 - Michael Ströder + +- Update to 3.6.3 + * (problem introduced in Postfix 2.4, released in 2007): queue + file corruption after a Milter (for example, MIMEDefang) made + a request to replace the message body with a copy of that message + body plus additional text (for example, a SpamAssassin report). + * (problem introduced in Postfix 2.10, released in 2012): The + postconf "-x" option could produce incorrect output, because + multiple functions were implicitly sharing a buffer for + intermediate results. Problem report by raf, root cause analysis + by Viktor Dukhovni. + * (problem introduced in Postfix 2.11, released in 2013): The + check_ccert_access feature worked as expected, but produced a + spurious warning when Postfix was built without SASL support. + Fix by Brad Barden. + * Fix for a compiler warning due to a missing 'const' qualifier + when compiling Postfix with OpenSSL 3. Depending on compiler + settings this could cause the build to fail. + * The known_tcp_ports settings had no effect. It also wasn't fully + implemented. Problem report by Peter. + * Fix for missing space between a hostname and warning text. + ------------------------------------------------------------------- Fri Oct 22 09:45:40 UTC 2021 - Dirk Stoecker @@ -35,7 +59,7 @@ Tue Aug 24 09:55:42 UTC 2021 - Peter Varkoly - postfix fails with glibc 2.34 Define HAS_CLOSEFROM (bsc#1189101) - add patch + add patch - postfix-3.6.2-glibc-234-build-fix.patch ------------------------------------------------------------------- diff --git a/postfix.spec b/postfix.spec index c3f7ade..563035c 100644 --- a/postfix.spec +++ b/postfix.spec @@ -42,7 +42,7 @@ %bcond_without libnsl %bcond_without ldap Name: postfix -Version: 3.6.2 +Version: 3.6.3 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 From 81f10f3589dd9ec82f9b79f468f9a54ee4b01faeea2f26f7a21adac24e1b9d98 Mon Sep 17 00:00:00 2001 From: Peter Varkoly Date: Wed, 19 Jan 2022 09:45:48 +0000 Subject: [PATCH 2/8] Accepting request 947313 from home:stroeder:network Update to 3.6.4 Seems to work on Tumbleweed x86_64 OBS-URL: https://build.opensuse.org/request/show/947313 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=432 --- postfix-3.6.3.tar.gz | 3 --- postfix-3.6.3.tar.gz.asc | 7 ------- postfix-3.6.4.tar.gz | 3 +++ postfix-3.6.4.tar.gz.asc | 7 +++++++ postfix-bdb.changes | 19 +++++++++++++++++++ postfix-bdb.spec | 2 +- postfix.changes | 19 +++++++++++++++++++ postfix.spec | 2 +- 8 files changed, 50 insertions(+), 12 deletions(-) delete mode 100644 postfix-3.6.3.tar.gz delete mode 100644 postfix-3.6.3.tar.gz.asc create mode 100644 postfix-3.6.4.tar.gz create mode 100644 postfix-3.6.4.tar.gz.asc diff --git a/postfix-3.6.3.tar.gz b/postfix-3.6.3.tar.gz deleted file mode 100644 index 4601d1e..0000000 --- a/postfix-3.6.3.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0f1241d456a0158e0c418abf62c52c2ff83f8f1dcf2fbdd4c40765b67789b1bc -size 4750833 diff --git a/postfix-3.6.3.tar.gz.asc b/postfix-3.6.3.tar.gz.asc deleted file mode 100644 index 7d01732..0000000 --- a/postfix-3.6.3.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.18 (FreeBSD) - -iFcDBQBhiF8ADAtZDoDKFacRCgTdAP9HMzPu7mChw/m/Dr9fVdKDzsfXyDJWH9de -GiQhIb1EwgD8CssWozyzEzMlFzGzEgbV462MGeoS7QJhRoY58cONOJo= -=orD1 ------END PGP SIGNATURE----- diff --git a/postfix-3.6.4.tar.gz b/postfix-3.6.4.tar.gz new file mode 100644 index 0000000..48af8c4 --- /dev/null +++ b/postfix-3.6.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8de0619dcf2fa7c215a80cf84b82ab71631d4d4722cba0949725ce3e18031d4e +size 4751433 diff --git a/postfix-3.6.4.tar.gz.asc b/postfix-3.6.4.tar.gz.asc new file mode 100644 index 0000000..e2b2ff9 --- /dev/null +++ b/postfix-3.6.4.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.18 (FreeBSD) + +iFcDBQBh4gGUDAtZDoDKFacRCgAeAP9lr/6/dLKNqqdmc+gUAWxgccw/FUA8yIBY +D2/1m5qC7wEAgkSg1FvpC5iA+iYyWWBk6PIFJEV735HE2fIeEUVf62Q= +=8WjV +-----END PGP SIGNATURE----- diff --git a/postfix-bdb.changes b/postfix-bdb.changes index d8d9261..9bdd029 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Tue Jan 18 23:32:41 UTC 2022 - Michael Ströder + +- Update to 3.6.4 + * Bug introduced in bugfix 20210708: duplicate bounce_notice_recipient + entries in postconf output. This was caused by an incomplete + fix to send SMTP session transcripts to $bounce_notice_recipient. + * Bug introduced in Postfix 3.0: the proxymap daemon did not + automatically authorize proxied maps inside pipemap (example: + pipemap:{proxy:maptype:mapname, ...}) or inside unionmap. + * Bug introduced in Postfix 2.5: off-by-one error while writing + a string terminator. This code passed all memory corruption + tests, presumably because it wrote over an alignment padding + byte, or over an adjacent character byte that was never read. + * The proxymap daemon did not automatically authorize map features + added after Postfix 3.3, caused by missing *_maps parameter + names in the proxy_read_maps default value. Found during code + maintenance. + ------------------------------------------------------------------- Mon Nov 8 10:26:56 UTC 2021 - Michael Ströder diff --git a/postfix-bdb.spec b/postfix-bdb.spec index 59624f7..c0d76de 100644 --- a/postfix-bdb.spec +++ b/postfix-bdb.spec @@ -56,7 +56,7 @@ %endif %bcond_without ldap Name: postfix-bdb -Version: 3.6.3 +Version: 3.6.4 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 diff --git a/postfix.changes b/postfix.changes index d8d9261..9bdd029 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Tue Jan 18 23:32:41 UTC 2022 - Michael Ströder + +- Update to 3.6.4 + * Bug introduced in bugfix 20210708: duplicate bounce_notice_recipient + entries in postconf output. This was caused by an incomplete + fix to send SMTP session transcripts to $bounce_notice_recipient. + * Bug introduced in Postfix 3.0: the proxymap daemon did not + automatically authorize proxied maps inside pipemap (example: + pipemap:{proxy:maptype:mapname, ...}) or inside unionmap. + * Bug introduced in Postfix 2.5: off-by-one error while writing + a string terminator. This code passed all memory corruption + tests, presumably because it wrote over an alignment padding + byte, or over an adjacent character byte that was never read. + * The proxymap daemon did not automatically authorize map features + added after Postfix 3.3, caused by missing *_maps parameter + names in the proxy_read_maps default value. Found during code + maintenance. + ------------------------------------------------------------------- Mon Nov 8 10:26:56 UTC 2021 - Michael Ströder diff --git a/postfix.spec b/postfix.spec index 563035c..d55a91e 100644 --- a/postfix.spec +++ b/postfix.spec @@ -42,7 +42,7 @@ %bcond_without libnsl %bcond_without ldap Name: postfix -Version: 3.6.3 +Version: 3.6.4 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 From 7fba73831cd489da3a492e1986ba721f69858b02d9094ecd7ada5eb2b7f0ff17 Mon Sep 17 00:00:00 2001 From: Dirk Stoecker Date: Sat, 12 Feb 2022 22:28:29 +0000 Subject: [PATCH 3/8] Accepting request 952888 from home:varkoly:branches:server:mail - config.postfix can't handle symlink'd /etc/resolv.cof (bsc#1195019) Adapt proposed change: using "cp -afL" by copying. - config.postfix can't handle symlink'd /etc/resolv.cof (bsc#1195019) Adapt proposed change: using "cp -afL" by copying. OBS-URL: https://build.opensuse.org/request/show/952888 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=433 --- postfix-SUSE.tar.gz | 4 ++-- postfix-bdb.changes | 7 +++++++ postfix.changes | 7 +++++++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/postfix-SUSE.tar.gz b/postfix-SUSE.tar.gz index 490ab36..9b28948 100644 --- a/postfix-SUSE.tar.gz +++ b/postfix-SUSE.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:0587b81f9930058056c903b22bef9c1b1a9ebc61c01e86271a9edf059beaaf1a -size 24345 +oid sha256:695fbaaa234ffc7c8de00de8241c4b19727b4b9620fc241eb160f61500c5e064 +size 24361 diff --git a/postfix-bdb.changes b/postfix-bdb.changes index 9bdd029..f548740 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Feb 9 09:23:09 UTC 2022 - Peter Varkoly + +- config.postfix can't handle symlink'd /etc/resolv.cof + (bsc#1195019) + Adapt proposed change: using "cp -afL" by copying. + ------------------------------------------------------------------- Tue Jan 18 23:32:41 UTC 2022 - Michael Ströder diff --git a/postfix.changes b/postfix.changes index 9bdd029..7d316c9 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Feb 9 09:22:41 UTC 2022 - Peter Varkoly + +- config.postfix can't handle symlink'd /etc/resolv.cof + (bsc#1195019) + Adapt proposed change: using "cp -afL" by copying. + ------------------------------------------------------------------- Tue Jan 18 23:32:41 UTC 2022 - Michael Ströder From cd3bc3bb7da81f29b6be59fb02b69ce9bd74bdc054d00401bf07d611fe426c46 Mon Sep 17 00:00:00 2001 From: Christian Wittmer Date: Mon, 14 Mar 2022 13:43:07 +0000 Subject: [PATCH 4/8] Accepting request 961622 from home:varkoly:branches:server:mail - Postfix on start don't run postalias /etc/postfix/aliases (error open database /etc/postfix/aliases.lmdb). (bsc#1197041) Apply proposed patch - Postfix on start don't run postalias /etc/postfix/aliases (error open database /etc/postfix/aliases.lmdb). (bsc#1197041) Apply proposed patch OBS-URL: https://build.opensuse.org/request/show/961622 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=434 --- postfix-SUSE.tar.gz | 4 ++-- postfix-bdb.changes | 7 +++++++ postfix.changes | 7 +++++++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/postfix-SUSE.tar.gz b/postfix-SUSE.tar.gz index 9b28948..8d94900 100644 --- a/postfix-SUSE.tar.gz +++ b/postfix-SUSE.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:695fbaaa234ffc7c8de00de8241c4b19727b4b9620fc241eb160f61500c5e064 -size 24361 +oid sha256:88c14b666402aee1893f0b0b70454f9e57df49d1fb77cdc89c78999ff8f82f13 +size 24422 diff --git a/postfix-bdb.changes b/postfix-bdb.changes index f548740..c2c62cb 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Mar 14 09:52:48 UTC 2022 - Peter Varkoly + +- Postfix on start don't run postalias /etc/postfix/aliases + (error open database /etc/postfix/aliases.lmdb). (bsc#1197041) + Apply proposed patch + ------------------------------------------------------------------- Wed Feb 9 09:23:09 UTC 2022 - Peter Varkoly diff --git a/postfix.changes b/postfix.changes index 7d316c9..c9ee8b3 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Mar 14 09:52:48 UTC 2022 - Peter Varkoly + +- Postfix on start don't run postalias /etc/postfix/aliases + (error open database /etc/postfix/aliases.lmdb). (bsc#1197041) + Apply proposed patch + ------------------------------------------------------------------- Wed Feb 9 09:22:41 UTC 2022 - Peter Varkoly From 6e3bebe1e47f7ffa278a25255d5eed5b825228cc605d1aa23bac76bc9be5b828 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Mon, 21 Mar 2022 07:46:38 +0000 Subject: [PATCH 5/8] Accepting request 962959 from home:stroeder:network update to 3.6.5 OBS-URL: https://build.opensuse.org/request/show/962959 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=435 --- postfix-3.6.2-glibc-234-build-fix.patch | 14 -------------- postfix-3.6.4.tar.gz | 3 --- postfix-3.6.4.tar.gz.asc | 7 ------- postfix-3.6.5.tar.gz | 3 +++ postfix-3.6.5.tar.gz.asc | 7 +++++++ postfix-bdb.changes | 12 +++++++++++- postfix-bdb.spec | 2 +- postfix.changes | 10 ++++++++++ postfix.spec | 4 +--- 9 files changed, 33 insertions(+), 29 deletions(-) delete mode 100644 postfix-3.6.2-glibc-234-build-fix.patch delete mode 100644 postfix-3.6.4.tar.gz delete mode 100644 postfix-3.6.4.tar.gz.asc create mode 100644 postfix-3.6.5.tar.gz create mode 100644 postfix-3.6.5.tar.gz.asc diff --git a/postfix-3.6.2-glibc-234-build-fix.patch b/postfix-3.6.2-glibc-234-build-fix.patch deleted file mode 100644 index 11d749d..0000000 --- a/postfix-3.6.2-glibc-234-build-fix.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/src/util/sys_defs.h b/src/util/sys_defs.h -index 99bec9b..95c78ec 100644 ---- a/src/util/sys_defs.h -+++ b/src/util/sys_defs.h -@@ -802,6 +803,9 @@ extern int initgroups(const char *, int); - #define _PATH_PROCNET_IFINET6 "/proc/net/if_inet6" - #endif - #endif -+#if HAVE_GLIBC_API_VERSION_SUPPORT(2, 34) -+#define HAS_CLOSEFROM -+#endif - #include - #if !defined(KERNEL_VERSION) - #define KERNEL_VERSION(a,b,c) (LINUX_VERSION_CODE + 1) diff --git a/postfix-3.6.4.tar.gz b/postfix-3.6.4.tar.gz deleted file mode 100644 index 48af8c4..0000000 --- a/postfix-3.6.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8de0619dcf2fa7c215a80cf84b82ab71631d4d4722cba0949725ce3e18031d4e -size 4751433 diff --git a/postfix-3.6.4.tar.gz.asc b/postfix-3.6.4.tar.gz.asc deleted file mode 100644 index e2b2ff9..0000000 --- a/postfix-3.6.4.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.18 (FreeBSD) - -iFcDBQBh4gGUDAtZDoDKFacRCgAeAP9lr/6/dLKNqqdmc+gUAWxgccw/FUA8yIBY -D2/1m5qC7wEAgkSg1FvpC5iA+iYyWWBk6PIFJEV735HE2fIeEUVf62Q= -=8WjV ------END PGP SIGNATURE----- diff --git a/postfix-3.6.5.tar.gz b/postfix-3.6.5.tar.gz new file mode 100644 index 0000000..f0292cb --- /dev/null +++ b/postfix-3.6.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:300fa8811cea20d01d25c619d359bffab82656e704daa719e0c9afc4ecff4808 +size 4751485 diff --git a/postfix-3.6.5.tar.gz.asc b/postfix-3.6.5.tar.gz.asc new file mode 100644 index 0000000..f54f59f --- /dev/null +++ b/postfix-3.6.5.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.18 (FreeBSD) + +iFcDBQBh/wfiDAtZDoDKFacRCsDYAP0aS0hL1d6vn+nJYOLGKLsQajAL8FFZd5TH +PS0Ck+cNhQD/Q4Qc8Q4AvINqT5ZfY4xnIWIWtJ6Yra0X9eP6vC6f7JM= +=+pTi +-----END PGP SIGNATURE----- diff --git a/postfix-bdb.changes b/postfix-bdb.changes index c2c62cb..24c39da 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Mar 18 20:29:34 UTC 2022 - Michael Ströder + +- update to 3.6.5 + * Glibc 2.34 implements closefrom(). This was causing a conflict + with Postfix's implementation for systems that have no closefrom() + implementation. + * Support for Berkeley DB version 18. +- removed obsolete postfix-3.6.2-glibc-234-build-fix.patch + ------------------------------------------------------------------- Mon Mar 14 09:52:48 UTC 2022 - Peter Varkoly @@ -6,7 +16,7 @@ Mon Mar 14 09:52:48 UTC 2022 - Peter Varkoly Apply proposed patch ------------------------------------------------------------------- -Wed Feb 9 09:23:09 UTC 2022 - Peter Varkoly +Wed Feb 9 09:22:41 UTC 2022 - Peter Varkoly - config.postfix can't handle symlink'd /etc/resolv.cof (bsc#1195019) diff --git a/postfix-bdb.spec b/postfix-bdb.spec index c0d76de..cbff370 100644 --- a/postfix-bdb.spec +++ b/postfix-bdb.spec @@ -56,7 +56,7 @@ %endif %bcond_without ldap Name: postfix-bdb -Version: 3.6.4 +Version: 3.6.5 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 diff --git a/postfix.changes b/postfix.changes index c9ee8b3..24c39da 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Fri Mar 18 20:29:34 UTC 2022 - Michael Ströder + +- update to 3.6.5 + * Glibc 2.34 implements closefrom(). This was causing a conflict + with Postfix's implementation for systems that have no closefrom() + implementation. + * Support for Berkeley DB version 18. +- removed obsolete postfix-3.6.2-glibc-234-build-fix.patch + ------------------------------------------------------------------- Mon Mar 14 09:52:48 UTC 2022 - Peter Varkoly diff --git a/postfix.spec b/postfix.spec index d55a91e..55fb0a9 100644 --- a/postfix.spec +++ b/postfix.spec @@ -42,7 +42,7 @@ %bcond_without libnsl %bcond_without ldap Name: postfix -Version: 3.6.4 +Version: 3.6.5 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 @@ -69,7 +69,6 @@ Patch8: %{name}-vda-v14-3.0.3.patch Patch9: fix-postfix-script.patch Patch10: %{name}-avoid-infinit-loop-if-no-permission.patch Patch11: set-default-db-type.patch -Patch12: postfix-3.6.2-glibc-234-build-fix.patch Patch13: harden_postfix.service.patch BuildRequires: ca-certificates BuildRequires: cyrus-sasl-devel @@ -177,7 +176,6 @@ maps with Postfix, you need this. %patch9 %patch10 %patch11 -%patch12 -p1 %patch13 -p1 # --------------------------------------------------------------------------- From ac9252563cadbf601b7e98939ba9b27116331a35d89cc62b125e6b5e990cd6f4 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Mon, 21 Mar 2022 18:40:38 +0000 Subject: [PATCH 6/8] OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=436 --- postfix-bdb.spec | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/postfix-bdb.spec b/postfix-bdb.spec index cbff370..f32306b 100644 --- a/postfix-bdb.spec +++ b/postfix-bdb.spec @@ -56,7 +56,7 @@ %endif %bcond_without ldap Name: postfix-bdb -Version: 3.6.5 +Version: 3.6.5 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 OR EPL-2.0 @@ -82,7 +82,6 @@ Patch7: postfix-ssl-release-buffers.patch Patch8: postfix-vda-v14-3.0.3.patch Patch9: fix-postfix-script.patch Patch10: postfix-avoid-infinit-loop-if-no-permission.patch -Patch11: postfix-3.6.2-glibc-234-build-fix.patch Patch12: harden_postfix.service.patch BuildRequires: ca-certificates BuildRequires: cyrus-sasl-devel @@ -157,7 +156,6 @@ lmdb. %patch8 %patch9 %patch10 -%patch11 -p1 %patch12 -p1 # --------------------------------------------------------------------------- From e8c4e4ac0bb3033eafda701483ccb06421ad29e30f8a6d6b3c3474aeacd1e0d9 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 10 Apr 2022 09:06:45 +0000 Subject: [PATCH 7/8] Accepting request 966767 from home:varkoly:branches:server:mail - config.postfix fails to set smtp_tls_security_level (bsc#1192314) - config.postfix fails to set smtp_tls_security_level (bsc#1192314) OBS-URL: https://build.opensuse.org/request/show/966767 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=437 --- postfix-SUSE.tar.gz | 4 ++-- postfix-bdb.changes | 6 ++++++ postfix.changes | 6 ++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/postfix-SUSE.tar.gz b/postfix-SUSE.tar.gz index 8d94900..98a4945 100644 --- a/postfix-SUSE.tar.gz +++ b/postfix-SUSE.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:88c14b666402aee1893f0b0b70454f9e57df49d1fb77cdc89c78999ff8f82f13 -size 24422 +oid sha256:1853d69d3d8e46f877815bb850c6bbcf313b039f59284260cb000b5b821326fd +size 24333 diff --git a/postfix-bdb.changes b/postfix-bdb.changes index 24c39da..9465de3 100644 --- a/postfix-bdb.changes +++ b/postfix-bdb.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Apr 4 09:02:48 UTC 2022 - Peter Varkoly + +- config.postfix fails to set smtp_tls_security_level + (bsc#1192314) + ------------------------------------------------------------------- Fri Mar 18 20:29:34 UTC 2022 - Michael Ströder diff --git a/postfix.changes b/postfix.changes index 24c39da..63b8b32 100644 --- a/postfix.changes +++ b/postfix.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Apr 4 09:01:56 UTC 2022 - Peter Varkoly + +- config.postfix fails to set smtp_tls_security_level + (bsc#1192314) + ------------------------------------------------------------------- Fri Mar 18 20:29:34 UTC 2022 - Michael Ströder From 8308be11bf89f6b1f4eed9fa4c451530ae93fa62fcb477da62818372ec47a1ba Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 10 Apr 2022 09:27:44 +0000 Subject: [PATCH 8/8] Accepting request 965609 from home:13ilya - Refreshed spec-file via spec-cleaner and manual optimizated. * Added -p flag to all install commands. * Removed -f flag from all ln commands. - Changed file harden_postfix.service.patch (boo#1191988). OBS-URL: https://build.opensuse.org/request/show/965609 OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=438 --- harden_postfix.service.patch | 10 ++-- postfix.changes | 8 ++++ postfix.spec | 88 +++++++++++++++++------------------- 3 files changed, 57 insertions(+), 49 deletions(-) diff --git a/harden_postfix.service.patch b/harden_postfix.service.patch index 44045ec..b85a1fa 100644 --- a/harden_postfix.service.patch +++ b/harden_postfix.service.patch @@ -2,14 +2,18 @@ Index: postfix-3.6.2/postfix-SUSE/postfix.service =================================================================== --- postfix-3.6.2.orig/postfix-SUSE/postfix.service +++ postfix-3.6.2/postfix-SUSE/postfix.service -@@ -19,6 +19,20 @@ After=amavis.service mysql.service cyrus +@@ -19,6 +19,24 @@ After=amavis.service mysql.service cyrus Conflicts=sendmail.service exim.service [Service] +# added automatically, for details please see +# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort -+ProtectSystem=full -+ReadWritePaths=/etc/postfix ++ ++# Needed write permissions for /etc/aliases.* or /etc/aliases.lmdb ++# https://bugzilla.opensuse.org/show_bug.cgi?id=1191988 ++#ProtectSystem=full ++#ReadWritePaths=/etc/postfix ++ +ProtectHome=false +PrivateDevices=true +ProtectHostname=true diff --git a/postfix.changes b/postfix.changes index 63b8b32..da99363 100644 --- a/postfix.changes +++ b/postfix.changes @@ -4,6 +4,14 @@ Mon Apr 4 09:01:56 UTC 2022 - Peter Varkoly - config.postfix fails to set smtp_tls_security_level (bsc#1192314) +------------------------------------------------------------------- +Tue Mar 29 10:12:29 UTC 2022 - Илья Индиго + +- Refreshed spec-file via spec-cleaner and manual optimizated. + * Added -p flag to all install commands. + * Removed -f flag from all ln commands. +- Changed file harden_postfix.service.patch (boo#1191988). + ------------------------------------------------------------------- Fri Mar 18 20:29:34 UTC 2022 - Michael Ströder diff --git a/postfix.spec b/postfix.spec index 55fb0a9..b3cf0ea 100644 --- a/postfix.spec +++ b/postfix.spec @@ -1,7 +1,7 @@ # # spec file for package postfix # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -52,7 +52,6 @@ Source0: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official Source1: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-%{version}.tar.gz.gpg2#/postfix-%{version}.tar.gz.asc Source2: %{name}-SUSE.tar.gz Source3: %{name}-mysql.tar.bz2 -#Source4: http://cdn.postfix.johnriley.me/mirrors/postfix-release/wietse.pgp#/postfix.keyring Source4: postfix.keyring Source10: %{name}-rpmlintrc Source11: check_mail_queue @@ -68,45 +67,44 @@ Patch7: %{name}-ssl-release-buffers.patch Patch8: %{name}-vda-v14-3.0.3.patch Patch9: fix-postfix-script.patch Patch10: %{name}-avoid-infinit-loop-if-no-permission.patch -Patch11: set-default-db-type.patch -Patch13: harden_postfix.service.patch +Patch11: set-default-db-type.patch +Patch12: harden_postfix.service.patch BuildRequires: ca-certificates BuildRequires: cyrus-sasl-devel -#BuildRequires: db-devel BuildRequires: diffutils BuildRequires: fdupes BuildRequires: libicu-devel BuildRequires: libopenssl-devel >= 1.1.1 +BuildRequires: lmdb-devel BuildRequires: m4 BuildRequires: mysql-devel -%if %{with ldap} -BuildRequires: openldap2-devel -%endif -BuildRequires: lmdb-devel BuildRequires: pcre-devel BuildRequires: pkgconfig BuildRequires: postgresql-devel BuildRequires: shadow +BuildRequires: sysuser-tools BuildRequires: zlib-devel BuildRequires: pkgconfig(systemd) Requires: iproute2 Requires(post): permissions Requires(pre): %fillup_prereq +Requires(pre): group(%{mail_group}) Requires(pre): permissions +Requires(pre): user(nobody) Conflicts: exim -Conflicts: sendmail Conflicts: postfix-bdb +Conflicts: sendmail Provides: postfix-lmdb = %{version}-%{release} Obsoletes: postfix-lmdb < %{version}-%{release} Provides: smtp_daemon %{?systemd_ordering} +%sysusers_requires +%if %{with ldap} +BuildRequires: openldap2-devel +%endif %if %{with libnsl} BuildRequires: libnsl-devel %endif -BuildRequires: sysuser-tools -Requires(pre): user(nobody) -Requires(pre): group(%{mail_group}) -%sysusers_requires %description Postfix aims to be an alternative to the widely-used sendmail program. @@ -132,10 +130,10 @@ This package contains the documentation for %{name} Summary: Postfix plugin to support MySQL maps Group: Productivity/Networking/Email/Servers Requires(pre): %{name} = %{version} +%sysusers_requires %if 0%{?suse_version} < 1550 Provides: group(vmail) %endif -%sysusers_requires %description mysql Postfix plugin to support MySQL maps. This library will be loaded by @@ -176,7 +174,7 @@ maps with Postfix, you need this. %patch9 %patch10 %patch11 -%patch13 -p1 +%patch12 -p1 # --------------------------------------------------------------------------- @@ -235,12 +233,12 @@ export CCARGS="${CCARGS} -DNO_DB -DDEF_DB_TYPE=\\\"lmdb\\\"" export PIE=-pie # using SHLIB_RPATH to specify unrelated linker flags, because LDFLAGS is # ignored -make makefiles pie=yes shared=yes dynamicmaps=yes \ +%make_build makefiles pie=yes shared=yes dynamicmaps=yes \ shlib_directory=%{_prefix}/lib/%{name} \ meta_directory=%{_prefix}/lib/%{name} \ config_directory=%{_sysconfdir}/%{name} \ SHLIB_RPATH="-Wl,-rpath,%{pf_shlib_directory} -Wl,-z,relro,-z,now" -make %{?_smp_mflags} +%make_build # Create postfix user %sysusers_generate_pre %{SOURCE12} postfix postfix-user.conf %sysusers_generate_pre %{SOURCE13} vmail postfix-vmail-user.conf @@ -252,7 +250,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/%{name} # create our default postfix ssl DIR (/etc/postfix/ssl) mkdir -p %{buildroot}%{_sysconfdir}/%{name}/ssl/certs # link cacerts to /etc/ssl/certs -ln -sf ../../ssl/certs %{buildroot}%{_sysconfdir}/%{name}/ssl/cacerts +ln -s ../../ssl/certs %{buildroot}%{_sysconfdir}/%{name}/ssl/cacerts cp lib/lib%{name}-* %{buildroot}/%{_libdir} export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:%{buildroot}/%{_libdir} sh postfix-install -non-interactive \ @@ -268,9 +266,9 @@ sh postfix-install -non-interactive \ setgid_group=%{pf_setgid_group} \ readme_directory=%{pf_readme_directory} \ data_directory=%{pf_data_directory} -ln -sf ../sbin/sendmail %{buildroot}%{_libexecdir}/sendmail +ln -s ../sbin/sendmail %{buildroot}%{_libexecdir}/sendmail for i in qmqp-source smtp-sink smtp-source; do - install -m 755 bin/$i %{buildroot}%{_sbindir}/$i + install -pm 0755 bin/$i %{buildroot}%{_sbindir}/$i done mkdir -p %{buildroot}/sbin/conf.d mkdir -p %{buildroot}%{_sysconfdir}/permissions.d @@ -281,10 +279,10 @@ mkdir -p %{buildroot}/%{pf_sample_directory} mkdir -p %{buildroot}/%{pf_html_directory} mkdir -p %{buildroot}%{_includedir}/%{name} mkdir -p %{buildroot}%{_sysconfdir}/pam.d -install -m 644 %{name}-SUSE/smtp %{buildroot}%{_sysconfdir}/pam.d/smtp +install -pm 0644 %{name}-SUSE/smtp %{buildroot}%{_sysconfdir}/pam.d/smtp mkdir -p %{buildroot}%{_fillupdir} sed -e 's;@lib@;%{_lib};g' %{name}-SUSE/sysconfig.%{name} > %{buildroot}%{_fillupdir}/sysconfig.%{name} -install -m 644 %{name}-SUSE/sysconfig.mail-%{name} %{buildroot}%{_fillupdir}/sysconfig.mail-%{name} +install -pm 0644 %{name}-SUSE/sysconfig.mail-%{name} %{buildroot}%{_fillupdir}/sysconfig.mail-%{name} sed -e 's;@lib@;%{_lib};g' \ -e 's;@conf_backup_dir@;%{conf_backup_dir};' \ -e 's;@daemon_directory@;%{pf_daemon_directory};' \ @@ -296,19 +294,19 @@ sed -e 's;@lib@;%{_lib};g' \ -e 's;@newaliases_path@;%{pf_newaliases_path};' \ -e 's;@sample_directory@;%{pf_sample_directory};' \ -e 's;@mailq_path@;%{pf_mailq_path};' %{name}-SUSE/config.%{name} > %{buildroot}%{_sbindir}/config.%{name} -chmod 755 %{buildroot}%{_sbindir}/config.%{name} -install -m 644 %{name}-SUSE/ldap_aliases.cf %{buildroot}%{_sysconfdir}/%{name}/ldap_aliases.cf -install -m 644 %{name}-SUSE/helo_access %{buildroot}%{_sysconfdir}/%{name}/helo_access -install -m 644 %{name}-SUSE/permissions %{buildroot}%{_sysconfdir}/permissions.d/%{name} -install -m 644 %{name}-SUSE/sender_canonical %{buildroot}%{_sysconfdir}/%{name}/sender_canonical -install -m 644 %{name}-SUSE/relay %{buildroot}%{_sysconfdir}/%{name}/relay -install -m 644 %{name}-SUSE/relay_ccerts %{buildroot}%{_sysconfdir}/%{name}/relay_ccerts -install -m 644 %{name}-SUSE/relay_recipients %{buildroot}%{_sysconfdir}/%{name}/relay_recipients -install -m 600 %{name}-SUSE/sasl_passwd %{buildroot}%{_sysconfdir}/%{name}/sasl_passwd +chmod 0755 %{buildroot}%{_sbindir}/config.%{name} +install -pm 0644 %{name}-SUSE/ldap_aliases.cf %{buildroot}%{_sysconfdir}/%{name}/ldap_aliases.cf +install -pm 0644 %{name}-SUSE/helo_access %{buildroot}%{_sysconfdir}/%{name}/helo_access +install -pm 0644 %{name}-SUSE/permissions %{buildroot}%{_sysconfdir}/permissions.d/%{name} +install -pm 0644 %{name}-SUSE/sender_canonical %{buildroot}%{_sysconfdir}/%{name}/sender_canonical +install -pm 0644 %{name}-SUSE/relay %{buildroot}%{_sysconfdir}/%{name}/relay +install -pm 0644 %{name}-SUSE/relay_ccerts %{buildroot}%{_sysconfdir}/%{name}/relay_ccerts +install -pm 0644 %{name}-SUSE/relay_recipients %{buildroot}%{_sysconfdir}/%{name}/relay_recipients +install -pm 0600 %{name}-SUSE/sasl_passwd %{buildroot}%{_sysconfdir}/%{name}/sasl_passwd mkdir -p %{buildroot}%{_sysconfdir}/sasl2 -install -m 600 %{name}-SUSE/smtpd.conf %{buildroot}%{_sysconfdir}/sasl2/smtpd.conf -install -m 644 %{name}-SUSE/openssl_%{name}.conf.in %{buildroot}%{_sysconfdir}/%{name}/openssl_%{name}.conf.in -install -m 755 %{name}-SUSE/mk%{name}cert %{buildroot}%{_sbindir}/mk%{name}cert +install -pm 0600 %{name}-SUSE/smtpd.conf %{buildroot}%{_sysconfdir}/sasl2/smtpd.conf +install -pm 0644 %{name}-SUSE/openssl_%{name}.conf.in %{buildroot}%{_sysconfdir}/%{name}/openssl_%{name}.conf.in +install -pm 0755 %{name}-SUSE/mk%{name}cert %{buildroot}%{_sbindir}/mk%{name}cert { cat<> %{buildroot}%{_sysconfdir}/permissions.d/%{name}.paranoid printf '%%-38s %%-18s %%s\n' %{_sbindir}/postqueue "root.%{pf_setgid_group}" "0755" >> %{buildroot}%{_sysconfdir}/permissions.d/%{name}.paranoid -install -m 644 include/*.h %{buildroot}%{_includedir}/%{name}/ +install -pm 0644 include/*.h %{buildroot}%{_includedir}/%{name}/ # some rpmlint stuff # remove unneeded examples/chroot-setup for example in AIX42 BSDI* F* HPUX* IRIX* NETBSD1 NEXTSTEP3 OPENSTEP4 OSF1 Solaris*; do @@ -366,12 +364,12 @@ rm %{buildroot}%{pf_docdir}/README_FILES/INSTALL rm -f %{buildroot}%{_sysconfdir}/%{name}/*.orig mkdir -p %{buildroot}%{_unitdir}/mail-transfer-agent.target.wants/ mkdir -p %{buildroot}%{pf_shlib_directory}/systemd -install -m 0644 %{name}-SUSE/%{name}.service %{buildroot}%{_unitdir}/%{name}.service -install -m 0755 %{name}-SUSE/config_%{name}.systemd %{buildroot}%{pf_shlib_directory}/systemd/config_%{name} -install -m 0755 %{name}-SUSE/update_chroot.systemd %{buildroot}%{pf_shlib_directory}/systemd/update_chroot -install -m 0755 %{name}-SUSE/update_postmaps.systemd %{buildroot}%{pf_shlib_directory}/systemd/update_postmaps -install -m 0755 %{name}-SUSE/wait_qmgr.systemd %{buildroot}%{pf_shlib_directory}/systemd/wait_qmgr -install -m 0755 %{name}-SUSE/cond_slp.systemd %{buildroot}%{pf_shlib_directory}/systemd/cond_slp +install -pm 0644 %{name}-SUSE/%{name}.service %{buildroot}%{_unitdir}/%{name}.service +install -pm 0755 %{name}-SUSE/config_%{name}.systemd %{buildroot}%{pf_shlib_directory}/systemd/config_%{name} +install -pm 0755 %{name}-SUSE/update_chroot.systemd %{buildroot}%{pf_shlib_directory}/systemd/update_chroot +install -pm 0755 %{name}-SUSE/update_postmaps.systemd %{buildroot}%{pf_shlib_directory}/systemd/update_postmaps +install -pm 0755 %{name}-SUSE/wait_qmgr.systemd %{buildroot}%{pf_shlib_directory}/systemd/wait_qmgr +install -pm 0755 %{name}-SUSE/cond_slp.systemd %{buildroot}%{pf_shlib_directory}/systemd/cond_slp ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name} ln -sv %{_unitdir}/%{name}.service %{buildroot}%{_unitdir}/mail-transfer-agent.target.wants/%{name}.service %fdupes %{buildroot}%{pf_docdir} @@ -465,10 +463,8 @@ fi # --------------------------------------------------------------------------- %pre mysql -f vmail.pre - %post mysql -p /sbin/ldconfig %postun mysql -p /sbin/ldconfig - %post postgresql -p /sbin/ldconfig %postun postgresql -p /sbin/ldconfig