Adapt postfix-bdb.changes

OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=468
2024-01-19 08:21:19 +00:00 · 2024-01-19 08:21:19 +00:00 · d901fa0eec
commit d901fa0eec
parent 2dbf2d0cc3
1 changed files with 9 additions and 1 deletions
--- a/postfix-bdb.changes
+++ b/postfix-bdb.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Dec 28 07:57:23 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update default configuration to enable the long-term fix for
+  bsc#1218304, bsc#1218314 CVE-2023-51764, SMTP smuggling attack:
+  * smtpd_forbid_bare_newline = yes
+  * smtpd_forbid_bare_newline_exclusions = $mynetworks
+
 -------------------------------------------------------------------
 Fri Dec 22 17:57:57 UTC 2023 - Arjen de Korte <suse+build@de-korte.org>

@ -184,7 +192,7 @@ Sun Oct  9 12:00:55 UTC 2022 - Michael Ströder <michael@stroeder.com>

 - update to 3.7.3
  * Fixed a bug where some messages were not delivered after
-    "warning: Unexpected record type 'X'.
+    "warning: Unexpected record type 'X'. (bsc#1213515)
  * Workaround: in a TLS server disable Postfix's 1-element internal session
    cache, to work around an OpenSSL 3.0 regression that broke TLS handshakes.
  * Code health: the fix for milter_header_checks (3.7.1, 3.6.6, 3.5.16, 3.4.26)