pool/postfix
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1155290 from home:adkorte:branches:server:mail

Browse Source 
- update to 3.8.6
  * Bugfix (defect introduced: Postfix 2.3, date 20051222): the
    Dovecot auth client did not reset the 'reason' from a previous
    Dovecot auth service response, before parsing the next Dovecot
    auth server response in the same SMTP session, resulting in a
    nonsensical "authentication failed" warning message. Reported
    by Stephan Bosch.
  * Bugfix (defect introduced: Postfix 3.1, date: 20151128):
    "postqueue -j" produced broken JSON when escaping a control
    character as \uXXXX. Found during code maintenance.
  * Cleanup: this fixes posttls-finger certificate match expectations
    for all TLS security levels, including warnings for levels that
    don't implement certificate matching. By Viktor Dukhovni.
  * Bugfix (defect introduced: Postfix 2.3): after prepending a
    header at the top of a message (with an access(5), header_checks(5)
    or Milter action), the Postfix Milter "delete header" or "update
    header" action was skipping the prepended header, instead of
    skipping the Postfix-generated Received: header. Problem report
    by Carlos Velasco.
  * Workaround: tlsmgr logfile spam. Reportedly, some OS lies under
    load: it says that a socket is readable, then it says that the
    socket has unread data, and then it says that read returns EOF,
    causing Postfix to spam the log with a warning message.
  * Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
    command handler could be tricked to read $message_size_limit
    bytes into memory. Found during code maintenance.
  * Safety: limit the total size of DNS lookup results to 100
    records; drop the excess records, and log a warning. This limit
    is 20x larger than the number of server addresses that the
    Postfix SMTP client is willing to consider when delivering mail,
    and is far below the number of records that could cause a tail
    recursion crash in dns_rr_append() as reported by Toshifumi
    Sakaguchi. This fix also limits the number of DNS requests that
    a check_*_*_access restriction can make.
  * Performance, related to the previous problem: eliminate worst-case
    behavior where the queue manager could defer delivery to all
    destinations over a specific delivery transport, after only a
    single delivery agent crash. The scheduler now throttles
    deliveries to one destination, and allows other deliveries to
    keep making progress.
- change to functioning mirror (http://cdn.postfix.johnriley.me/ 
  has been dead for a while although it is still listed upstream)
- make output of %setup less verbose by restoring -q option

OBS-URL: https://build.opensuse.org/request/show/1155290
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=477
This commit is contained in:
Christian Wittmer 2024-03-06 14:51:10 +00:00 committed by Git OBS Bridge
parent 66bf7a3bca
commit 9152b407e9
8 changed files with 112 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
postfix-3.8.5.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f3e827a2b2e410359ad25d31341970434ab07e36139f9a2ef93981b0ec564c85
size 4871284

7
postfix-3.8.5.tar.gz.asc
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iFcDBQBlradJDAtZDoDKFacRClupAP9JjaFccevkBz/VVFI5sRZtqXX1U/L4POL+
67DeiaTf1QD+NW7/pXF26ttt16c0FS9ZC01fEFxBjhhX/GDmKNRrL7M=
=sCQw
-----END PGP SIGNATURE-----

3
postfix-3.8.6.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4b6e17c826cc438cc3016a9c0a55ea7e77c6cbafba7dd57241d81b690b0e9774
size 4873054

7
postfix-3.8.6.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iFcDBQBl5ietDAtZDoDKFacRCohlAP9+xzfCths5ZTBLzZJwDMI8hFS+1oDXOC4C
1z1Zh0OKtgD/T7DfIIG3MjyGAC/oqUD7ssjUZapz6XRu/fhSiOK1NU8=
=v0k3
-----END PGP SIGNATURE-----

47
postfix-bdb.changes
View File

@ -1,3 +1,50 @@
-------------------------------------------------------------------
Tue Mar 5 16:46:16 UTC 2024 - Arjen de Korte <suse+build@de-korte.org>
- update to 3.8.6
* Bugfix (defect introduced: Postfix 2.3, date 20051222): the
Dovecot auth client did not reset the 'reason' from a previous
Dovecot auth service response, before parsing the next Dovecot
auth server response in the same SMTP session, resulting in a
nonsensical "authentication failed" warning message. Reported
by Stephan Bosch.
* Bugfix (defect introduced: Postfix 3.1, date: 20151128):
"postqueue -j" produced broken JSON when escaping a control
character as \uXXXX. Found during code maintenance.
* Cleanup: this fixes posttls-finger certificate match expectations
for all TLS security levels, including warnings for levels that
don't implement certificate matching. By Viktor Dukhovni.
* Bugfix (defect introduced: Postfix 2.3): after prepending a
header at the top of a message (with an access(5), header_checks(5)
or Milter action), the Postfix Milter "delete header" or "update
header" action was skipping the prepended header, instead of
skipping the Postfix-generated Received: header. Problem report
by Carlos Velasco.
* Workaround: tlsmgr logfile spam. Reportedly, some OS lies under
load: it says that a socket is readable, then it says that the
socket has unread data, and then it says that read returns EOF,
causing Postfix to spam the log with a warning message.
* Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
command handler could be tricked to read $message_size_limit
bytes into memory. Found during code maintenance.
* Safety: limit the total size of DNS lookup results to 100
records; drop the excess records, and log a warning. This limit
is 20x larger than the number of server addresses that the
Postfix SMTP client is willing to consider when delivering mail,
and is far below the number of records that could cause a tail
recursion crash in dns_rr_append() as reported by Toshifumi
Sakaguchi. This fix also limits the number of DNS requests that
a check_*_*_access restriction can make.
* Performance, related to the previous problem: eliminate worst-case
behavior where the queue manager could defer delivery to all
destinations over a specific delivery transport, after only a
single delivery agent crash. The scheduler now throttles
deliveries to one destination, and allows other deliveries to
keep making progress.
- change to functioning mirror (http://cdn.postfix.johnriley.me/
has been dead for a while although it is still listed upstream)
- make output of %setup less verbose by restoring -q option
-------------------------------------------------------------------
Tue Mar 5 12:19:01 UTC 2024 - Peter Varkoly <varkoly@suse.com>

8
postfix-bdb.spec
View File

@ -59,14 +59,14 @@
%endif
%bcond_without ldap
Name: postfix-bdb
Version: 3.8.5
Version: 3.8.6
Release: 0
Summary: A fast, secure, and flexible mailer
License: EPL-2.0 OR IPL-1.0
Group: Productivity/Networking/Email/Servers
URL: http://www.postfix.org
Source0: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-%{version}.tar.gz
Source1: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-%{version}.tar.gz.gpg2#/postfix-%{version}.tar.gz.asc
Source0: https://de.postfix.org/ftpmirror/official/postfix-%{version}.tar.gz
Source1: https://de.postfix.org/ftpmirror/official/postfix-%{version}.tar.gz.gpg2#/postfix-%{version}.tar.gz.asc
Source2: postfix-SUSE.tar.gz
Source3: postfix-mysql.tar.bz2
#Source4: http://cdn.postfix.johnriley.me/mirrors/postfix-release/wietse.pgp#/postfix.keyring
@ -157,7 +157,7 @@ lmdb.
%endif
%prep
%setup -n postfix-%{version} -a 2 -a 3
%setup -q -n postfix-%{version} -a 2 -a 3
%autopatch -p0
# ---------------------------------------------------------------------------

47
postfix.changes
View File

@ -1,3 +1,50 @@
-------------------------------------------------------------------
Tue Mar 5 16:46:16 UTC 2024 - Arjen de Korte <suse+build@de-korte.org>
- update to 3.8.6
* Bugfix (defect introduced: Postfix 2.3, date 20051222): the
Dovecot auth client did not reset the 'reason' from a previous
Dovecot auth service response, before parsing the next Dovecot
auth server response in the same SMTP session, resulting in a
nonsensical "authentication failed" warning message. Reported
by Stephan Bosch.
* Bugfix (defect introduced: Postfix 3.1, date: 20151128):
"postqueue -j" produced broken JSON when escaping a control
character as \uXXXX. Found during code maintenance.
* Cleanup: this fixes posttls-finger certificate match expectations
for all TLS security levels, including warnings for levels that
don't implement certificate matching. By Viktor Dukhovni.
* Bugfix (defect introduced: Postfix 2.3): after prepending a
header at the top of a message (with an access(5), header_checks(5)
or Milter action), the Postfix Milter "delete header" or "update
header" action was skipping the prepended header, instead of
skipping the Postfix-generated Received: header. Problem report
by Carlos Velasco.
* Workaround: tlsmgr logfile spam. Reportedly, some OS lies under
load: it says that a socket is readable, then it says that the
socket has unread data, and then it says that read returns EOF,
causing Postfix to spam the log with a warning message.
* Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
command handler could be tricked to read $message_size_limit
bytes into memory. Found during code maintenance.
* Safety: limit the total size of DNS lookup results to 100
records; drop the excess records, and log a warning. This limit
is 20x larger than the number of server addresses that the
Postfix SMTP client is willing to consider when delivering mail,
and is far below the number of records that could cause a tail
recursion crash in dns_rr_append() as reported by Toshifumi
Sakaguchi. This fix also limits the number of DNS requests that
a check_*_*_access restriction can make.
* Performance, related to the previous problem: eliminate worst-case
behavior where the queue manager could defer delivery to all
destinations over a specific delivery transport, after only a
single delivery agent crash. The scheduler now throttles
deliveries to one destination, and allows other deliveries to
keep making progress.
- change to functioning mirror (http://cdn.postfix.johnriley.me/
has been dead for a while although it is still listed upstream)
- make output of %setup less verbose by restoring -q option
-------------------------------------------------------------------
Tue Mar 5 12:19:01 UTC 2024 - Peter Varkoly <varkoly@suse.com>

8
postfix.spec
View File

@ -46,14 +46,14 @@
%endif
%bcond_without ldap
Name: postfix
Version: 3.8.5
Version: 3.8.6
Release: 0
Summary: A fast, secure, and flexible mailer
License: EPL-2.0 OR IPL-1.0
Group: Productivity/Networking/Email/Servers
URL: http://www.postfix.org
Source0: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-%{version}.tar.gz
Source1: http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-%{version}.tar.gz.gpg2#/postfix-%{version}.tar.gz.asc
Source0: https://de.postfix.org/ftpmirror/official/postfix-%{version}.tar.gz
Source1: https://de.postfix.org/ftpmirror/official/postfix-%{version}.tar.gz.gpg2#/postfix-%{version}.tar.gz.asc
Source2: %{name}-SUSE.tar.gz
Source3: %{name}-mysql.tar.bz2
Source4: postfix.keyring
@ -176,7 +176,7 @@ maps with Postfix, you need this.
%endif
%prep
%setup -a 2 -a 3
%setup -q -a 2 -a 3
%autopatch -p0
# ---------------------------------------------------------------------------