From d901fa0eecea1adf0224862c812ae750c9b85f579bb962eb4ff00d82ab351ba4 Mon Sep 17 00:00:00 2001
From: Peter Varkoly <varkoly@suse.com>
Date: Fri, 19 Jan 2024 08:21:19 +0000
Subject: [PATCH] Adapt postfix-bdb.changes

OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=468
---
 postfix-bdb.changes | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/postfix-bdb.changes b/postfix-bdb.changes
index f443e1d..5f1ba94 100644
--- a/postfix-bdb.changes
+++ b/postfix-bdb.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Dec 28 07:57:23 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update default configuration to enable the long-term fix for
+  bsc#1218304, bsc#1218314 CVE-2023-51764, SMTP smuggling attack:
+  * smtpd_forbid_bare_newline = yes
+  * smtpd_forbid_bare_newline_exclusions = $mynetworks
+
 -------------------------------------------------------------------
 Fri Dec 22 17:57:57 UTC 2023 - Arjen de Korte <suse+build@de-korte.org>
 
@@ -184,7 +192,7 @@ Sun Oct  9 12:00:55 UTC 2022 - Michael Ströder <michael@stroeder.com>
 
 - update to 3.7.3
   * Fixed a bug where some messages were not delivered after
-    "warning: Unexpected record type 'X'.
+    "warning: Unexpected record type 'X'. (bsc#1213515)
   * Workaround: in a TLS server disable Postfix's 1-element internal session
     cache, to work around an OpenSSL 3.0 regression that broke TLS handshakes.
   * Code health: the fix for milter_header_checks (3.7.1, 3.6.6, 3.5.16, 3.4.26)