- update to 3.8.6
* Bugfix (defect introduced: Postfix 2.3, date 20051222): the
Dovecot auth client did not reset the 'reason' from a previous
Dovecot auth service response, before parsing the next Dovecot
auth server response in the same SMTP session, resulting in a
nonsensical "authentication failed" warning message. Reported
by Stephan Bosch.
* Bugfix (defect introduced: Postfix 3.1, date: 20151128):
"postqueue -j" produced broken JSON when escaping a control
character as \uXXXX. Found during code maintenance.
* Cleanup: this fixes posttls-finger certificate match expectations
for all TLS security levels, including warnings for levels that
don't implement certificate matching. By Viktor Dukhovni.
* Bugfix (defect introduced: Postfix 2.3): after prepending a
header at the top of a message (with an access(5), header_checks(5)
or Milter action), the Postfix Milter "delete header" or "update
header" action was skipping the prepended header, instead of
skipping the Postfix-generated Received: header. Problem report
by Carlos Velasco.
* Workaround: tlsmgr logfile spam. Reportedly, some OS lies under
load: it says that a socket is readable, then it says that the
socket has unread data, and then it says that read returns EOF,
causing Postfix to spam the log with a warning message.
* Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
command handler could be tricked to read $message_size_limit
bytes into memory. Found during code maintenance.
* Safety: limit the total size of DNS lookup results to 100
records; drop the excess records, and log a warning. This limit
is 20x larger than the number of server addresses that the
Postfix SMTP client is willing to consider when delivering mail,
and is far below the number of records that could cause a tail
recursion crash in dns_rr_append() as reported by Toshifumi
Sakaguchi. This fix also limits the number of DNS requests that
a check_*_*_access restriction can make.
* Performance, related to the previous problem: eliminate worst-case
behavior where the queue manager could defer delivery to all
destinations over a specific delivery transport, after only a
single delivery agent crash. The scheduler now throttles
deliveries to one destination, and allows other deliveries to
keep making progress.
- change to functioning mirror (http://cdn.postfix.johnriley.me/
has been dead for a while although it is still listed upstream)
- make output of %setup less verbose by restoring -q option
OBS-URL: https://build.opensuse.org/request/show/1155290
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=477
- update default configuration to enable the long-term fix for
bsc#1218304, CVE-2023-51764, SMTP smuggling attack:
* smtpd_forbid_bare_newline = yes
* smtpd_forbid_bare_newline_exclusions = $mynetworks
- update to 3.8.4 (bsc#1218304, CVE-2023-51764):
https://www.postfix.org/smtp-smuggling.html
- Syntax error in update_postmaps script (bsc#1216061)
(bsc#1215372)
(bsc#1192314)
Adapt proposed change: using "cp -afL" by copying.
Define HAS_CLOSEFROM
(bsc#1189101)
(bsc#1188477)
(bsc#1066854)
For more see /usr/share/doc/packages/postfix/RELEASE_NOTES
(bsc#1181381) [Build 130.3] openQA test fails in mta, mutt -
postfix broken: "queue file write error" and "error: unsupported
- bsc#1176650 L3: What is regularly triggering the "fillup"
o add patch for main.cf for postfix-bdb package
- Delete postfix-SUSE/README.SuSE, company name spelled wrong,
- bsc#1162891 server:mail/postfix: cond_slp bug on TW after
- bsc#1160413 postfix fails with -fno-common
- bsc#1142881 - mkpostfixcert from Postfix still uses md
o Major changes
Postfix 3.4.4 fixes both.
o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty
- Replace references to /var/adm/fillup-templates with new
- bnc#1059512 L3: Postfix Problem
seems to be obsolete)
OBS-URL: https://build.opensuse.org/request/show/1135431
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postfix?expand=0&rev=231
- Syntax error in update_postmaps script (bsc#1216061)
(bsc#1215372)
(bsc#1192314)
Adapt proposed change: using "cp -afL" by copying.
Define HAS_CLOSEFROM
(bsc#1189101)
(bsc#1188477)
(bsc#1066854)
For more see /usr/share/doc/packages/postfix/RELEASE_NOTES
(bsc#1181381) [Build 130.3] openQA test fails in mta, mutt -
postfix broken: "queue file write error" and "error: unsupported
- bsc#1176650 L3: What is regularly triggering the "fillup"
o add patch for main.cf for postfix-bdb package
- Delete postfix-SUSE/README.SuSE, company name spelled wrong,
- bsc#1162891 server:mail/postfix: cond_slp bug on TW after
- bsc#1160413 postfix fails with -fno-common
- bsc#1142881 - mkpostfixcert from Postfix still uses md
o Major changes
Postfix 3.4.4 fixes both.
o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty
- Replace references to /var/adm/fillup-templates with new
- bnc#1059512 L3: Postfix Problem
seems to be obsolete)
* recover lost (with 3.2.0 update) submission, smtps sections
- update to 3.1.4
- bnc#981097 config.postfix creates broken main.cf for tls client configuration
(no "mailq" equivalent).
smtp_transport_rate_delay = 20s
missed opportunities to block new spambots.
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=462
- update to 3.8.3
* Bugfix (defect introduced Postfix 2.5, date 20080104): the
Postfix SMTP server was waiting for a client command instead
of replying immediately, after a client certificate verification
error in TLS wrappermode. Reported by Andreas Kinzler.
* Usability: the Postfix SMTP server (finally) attempts to log
the SASL username after authentication failure. In Postfix
logging, this appends ", sasl_username=xxx" after the reason
for SASL authentication failure. The logging replaces an
unavailable reason with "(reason unavailable)", and replaces
an unavailable sasl_username with "(unavailable)". Based on
code by Jozsef Kadlecsik.
* Compatibility bugfix (defect introduced: Postfix 2.11, date
20130405): in forward_path, the expression ${recipient_delimiter}
would expand to an empty string when a recipient address had
no recipient delimiter. The compatibility fix is to use a
configured recipient delimiter value instead. Reported by Tod
A. Sandman.
OBS-URL: https://build.opensuse.org/request/show/1123266
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=459
- update to 3.8.1
* Optional: harden a Postfix SMTP server against remote SMTP
clients that violate RFC 2920 (or 5321) command pipelining
constraints. With "smtpd_forbid_unauth_pipelining = yes", the
server disconnects a client immediately, after responding with
"554 5.5.0 Error: SMTP protocol synchronization" and after
logging "improper command pipelining" with the unexpected remote
SMTP client input. This feature is disabled by default in Postfix
3.5-3.8 to avoid breaking home-grown utilities, but it is enabled
by default in Postfix 3.9. A similar feature is enabled by
default in the Exim SMTP server.
* Optional: some OS distributions crank up TLS security to 11,
and in doing so increase the number of plaintext email deliveries.
This introduces basic OpenSSL configuration file support that
may be used to override OS-level settings.
Details are in the postconf(5) manpage under tls_config_file
and tls_config_name.
* Bugfix (defect introduced: Postfix 1.0): the command "postconf
.. name=v1 .. name=v2 .." (multiple instances of the same
parameter name) created multiple main.cf name=value entries
with the same parameter name. It now logs a warning and skips
the earlier name(s) and value(s). Found during code maintenance.
* Bugfix (defect introduced: Postfix 3.3): the command "postconf
-M name1/type1='name2 type2 ...'" died with a segmentation
violation when the request matched multiple master.cf entries.
The master.cf file was not damaged. Problem reported by SATOH
Fumiyasu.
* Bugfix (defect introduced: Postfix 2.11): the command "postconf
-M name1/type1='name2 type2 ...'" could add a service definition
to master.cf that conflicted with an already existing service
definition. It now replaces all existing service definitions
that match the service pattern 'name1/type1' or the service
name and type in 'name2 type2 ...' with a single service
definition 'name2 type2 ...'. Problem reported by SATOH Fumiyasu.
* Bugfix (defect introduced: Postfix 3.8) the posttls-finger
command could access uninitialized memory when reconnecting.
This also fixes a malformed warning message when a destination
contains ":service" information. Reported by Thomas Korbar.
* Bugfix (defect introduced: Postfix 3.2): the MySQL client could
return "not found" instead of "error" (for example, resulting
in a 5XX SMTP status instead of 4XX) during the time that all
MySQL server connections were turned down after error. Found
during code maintenance. File: global/dict_mysql.c. This was
already fixed in Postfix 3.4-3.7.
- update to 3.8.1
* Optional: harden a Postfix SMTP server against remote SMTP
clients that violate RFC 2920 (or 5321) command pipelining
constraints. With "smtpd_forbid_unauth_pipelining = yes", the
server disconnects a client immediately, after responding with
"554 5.5.0 Error: SMTP protocol synchronization" and after
logging "improper command pipelining" with the unexpected remote
SMTP client input. This feature is disabled by default in Postfix
3.5-3.8 to avoid breaking home-grown utilities, but it is enabled
by default in Postfix 3.9. A similar feature is enabled by
default in the Exim SMTP server.
* Optional: some OS distributions crank up TLS security to 11,
and in doing so increase the number of plaintext email deliveries.
This introduces basic OpenSSL configuration file support that
may be used to override OS-level settings.
Details are in the postconf(5) manpage under tls_config_file
and tls_config_name.
* Bugfix (defect introduced: Postfix 1.0): the command "postconf
.. name=v1 .. name=v2 .." (multiple instances of the same
parameter name) created multiple main.cf name=value entries
with the same parameter name. It now logs a warning and skips
the earlier name(s) and value(s). Found during code maintenance.
* Bugfix (defect introduced: Postfix 3.3): the command "postconf
-M name1/type1='name2 type2 ...'" died with a segmentation
violation when the request matched multiple master.cf entries.
The master.cf file was not damaged. Problem reported by SATOH
Fumiyasu.
* Bugfix (defect introduced: Postfix 2.11): the command "postconf
-M name1/type1='name2 type2 ...'" could add a service definition
to master.cf that conflicted with an already existing service
definition. It now replaces all existing service definitions
that match the service pattern 'name1/type1' or the service
name and type in 'name2 type2 ...' with a single service
definition 'name2 type2 ...'. Problem reported by SATOH Fumiyasu.
* Bugfix (defect introduced: Postfix 3.8) the posttls-finger
command could access uninitialized memory when reconnecting.
This also fixes a malformed warning message when a destination
contains ":service" information. Reported by Thomas Korbar.
* Bugfix (defect introduced: Postfix 3.2): the MySQL client could
return "not found" instead of "error" (for example, resulting
in a 5XX SMTP status instead of 4XX) during the time that all
MySQL server connections were turned down after error. Found
during code maintenance. File: global/dict_mysql.c. This was
already fixed in Postfix 3.4-3.7.
OBS-URL: https://build.opensuse.org/request/show/1091141
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=456
- update to 3.8.0
* Support to look up DNS SRV records in the Postfix SMTP/LMTP
client, Based on code by Tomas Korbar (Red Hat). For example,
with "use_srv_lookup = submission" and "relayhost =
example.com:submission", the Postfix SMTP client will look up
DNS SRV records for _submission._tcp.example.com, and will relay
email through the hosts and ports that are specified with those
records.
* TLS obsolescence: Postfix now treats the "export" and "low"
cipher grade settings as "medium". The "export" and "low" grades
are no longer supported in OpenSSL 1.1.1, the minimum version
required in Postfix 3.6.0 and later. Also, Postfix default
settings now exclude deprecated or unused ciphers (SEED, IDEA,
3DES, RC2, RC4, RC5), digest (MD5), key exchange algorithms
(DH, ECDH), and public key algorithm (DSS).
* Attack resistance: the Postfix SMTP server can now aggregate
smtpd_client_*_rate and smtpd_client_*_count statistics by
network block instead of by IP address, to raise the bar against
a memory exhaustion attack in the anvil(8) server; Postfix TLS
support unconditionally disables TLS renegotiation in the middle
of an SMTP connection, to avoid a CPU exhaustion attack.
* The PostgreSQL client encoding is now configurable with the
"encoding" Postfix configuration file attribute. The default
is "UTF8". Previously the encoding was hard-coded as "LATIN1",
which is not useful in the context of SMTP.
* The postconf command now warns for #comment in or after a Postfix
parameter value. Postfix programs do not support #comment after
other text, and treat that as input.
- rebase/refresh patches
* pointer_to_literals.patch
* postfix-linux45.patch
* postfix-master.cf.patch
* postfix-ssl-release-buffers.patch
* set-default-db-type.patch
OBS-URL: https://build.opensuse.org/request/show/1080180
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=454
- update to 3.7.4
* Workaround: with OpenSSL 3 and later always turn on
SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages and missed
opportunities for TLS session reuse. This is safe because the SMTP protocol
implements application-level framing, and is therefore not affected by TLS
truncation attacks.
* Workaround: OpenSSL 3.x EVP_get_digestbyname() can return lazily-bound
handles for digest implementations. In sufficiently hostile configurations,
Postfix could mistakenly believe that a digest algorithm is available, and
fail when it is not. A similar workaround may be needed for
EVP_get_cipherbyname().
* Bugfix (bug introduced in Postfix 2.11): the checkok() macro in
tls/tls_fprint.c evaluated its argument unconditionally; it should evaluate
the argument only if there was no prior error.
* Bugfix (bug introduced in Postfix 2.8): postscreen died with a segmentation
violation when postscreen_dnsbl_threshold < 1. It should reject such input
with a fatal error instead.
* Bitrot: fixes for linker warnings from newer Darwin (MacOS) versions.
* Portability: Linux 6 support.
* Added missing documentation that cidr:, pcre: and regexp: tables support
inline specification only in Postfix 3.7 and later.
* Rebased postfix-linux45.patch
- update to 3.7.4
* Workaround: with OpenSSL 3 and later always turn on
SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages and missed
opportunities for TLS session reuse. This is safe because the SMTP protocol
implements application-level framing, and is therefore not affected by TLS
truncation attacks.
* Workaround: OpenSSL 3.x EVP_get_digestbyname() can return lazily-bound
OBS-URL: https://build.opensuse.org/request/show/1067720
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=453
- SELinux: postfix denied to access /var/spool/postfix/pid/master.pid
(bsc#1207177) Apply proposed changes in postfix.service
- remove patch included into the source:
harden_postfix.service.patch
- SELinux: postfix denied to access /var/spool/postfix/pid/master.pid
(bsc#1207177) Apply proposed changes in postfix.service
- remove patch included into the source:
harden_postfix.service.patch
OBS-URL: https://build.opensuse.org/request/show/1064225
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=452
