Change log for postfix package in Debian
| 1 → 75 of 151 results | First • Previous • Next • Last |
postfix (3.10.2-1) unstable; urgency=medium
[ Michael Tokarev ]
* new upstream minor/bugfix/maintenance release
Closes: #1100449 (postfix: main.cf corrupted after upgrade)
* postfix.service: add CAP_DAC_READ_SEARCH (Closes: #1099891)
[ Carles Pina i Estany ]
* Update po-debconf Catalan translation
-- Michael Tokarev <email address hidden> Wed, 23 Apr 2025 11:42:50 +0300
postfix (3.10.1-1) unstable; urgency=medium
* new upstream release
* NOTES: remove part about postmulti and postfix@.service
* d/rules: ship /var/spool/postfix/dev (Closes: #1094571)
* gbp.conf: switch to 3.10
* 10_openssl_version_check.diff: remove, not needed anymore
* 40_chroot_by_default.diff: refresh, reduce context
* 50_LANG.diff: rediff, reduce context
* debian/patches/reproducible: remove, applied upstream
* makedefs-fix-RELEASE_MAJOR-expression.patch, sqlite-open-fix.patch:
remove, applied upstream
* debian-fix-manpages-C-font.patch: remove
* enable TLSRPT (+Build-Depends: libtlsrpt0-dev)
-- Michael Tokarev <email address hidden> Sun, 02 Mar 2025 11:20:24 +0300
postfix (3.9.1-10) unstable; urgency=medium
* main.cf.tls: use smtp_tls_CAfile, not smtp_tls_CApath;
add comments for all parameters
* postfix.service: remove not-relevant-anymore comment
* control: Pre-Depends: init-system-helpers, since we run invoke-rc.d
manually from triggers and ${misc:Pre-Depends} is not set
* postfix.postinst: remove --skip-systemd-native from invoke-rc.d call
since we checked for systemd already
* postfix.maintscript: convert to conffiles
* postfix-doc: rm conffile /etc/postfix/postfix-files.d/doc.files
(Closes: #1091839)
* configure-instance: remove dev/u?random in chroot when upgrading
* rules: do not install makedefs.1 manpage
* debian-fix-manpages-C-font.patch: use different manpage formatting for
examples (fixes roff being unable to find C font)
* d/tests: replace "useradd -p" with chpasswd (Closes: #1092751)
* sqlite-open-fix.patch: fix opening of sqlite map files
-- Michael Tokarev <email address hidden> Sat, 11 Jan 2025 15:46:36 +0300
Available diffs
- diff from 3.9.1-9 to 3.9.1-10 (4.6 KiB)
- diff from 3.9.1-9build1 (in Ubuntu) to 3.9.1-10 (4.7 KiB)
postfix (3.9.1-9) unstable; urgency=medium
* the "let's break the toys" release part 2:
* postfix.service: first step at possible hardening at the systemd level
Drop as much privileges as seem safe for postfix operations
Use ProtectSystem=full, let's see what happens
* split startup procedure into two halves, setup+runtime, so that the runtime
half can be run with restricted privs, while setup part needs chown etc
* stop ordering postfix.service after network-online.target, but keep it
after network.target, and mention how to enable this if needed
(finally Closes: #854475)
* tests: show logging from failed startup phase too
* debian-postfix-chroot-cmd.patch: update
* README.Debian: recommend un-chrooting postfix
* README.Debian: rewrite notes about chroot and proxy: map
* configure-instance: use "postfix chroot -c" to include custom services too
* hurd.patch: update to include more libdirs like in linux case
* debian-re-run-startup-through-systemd.patch: a few updates
* rules: stop renaming postfix *.8 manpages to *.8postfix
* rules: stop shipping /etc/postfix/dynamicmaps.cf.d
* rules: hide dpkg-maintscript-helper calls from lintian. It produces
maintainer-script-should-not-use-dpkg-maintscript-helper, which is rather
pointless, and other ways to avoid this warning results in uglier d/rules
with this place being split into pieces. Fighting with the tools.. :(
* configure-instance: avoid removing ca-certificates.crt from the certs dir
in chroot (Closes: #1003982), add comment explaining certs storages
* 03_ldap3_by_default.diff: do not patch generated man/man5/ldap_table.5 -
it is regenerated by "make manpages"
* postfix.lintian-overrides: drop 2 now-unused overrides
* changelog: add missing newline in an old (2001) entry
-- Michael Tokarev <email address hidden> Tue, 24 Dec 2024 21:21:04 +0300
Available diffs
- diff from 3.9.1-7 to 3.9.1-9 (17.0 KiB)
- diff from 3.9.1-8 to 3.9.1-9 (10.3 KiB)
postfix (3.9.1-8) unstable; urgency=medium
* the "let's get chroot under control" release, plus some bugfixes
for minor issues in previous release, and more cleanups
* debian-postfix-chroot-cmd.patch: new 'chroot' subcommand for postfix
command, to set/unset/query chroot status of postfix services in
master.cf. It helps to configure current master.cf to enable/disable
chroot easily
* source/options: man/ is also autogenerated, ignore it in source-diff
* README.Debian: add a note about chroot and "postfix chroot"
* configure-instance: use "postfix chroot" to query for chroot status
* postfix.maintscript: rm_conffile /etc/network/ip-down.d/postfix
(temporary, Closes: #1090820)
* postinst: fixup html_directory=no on upgrade too (Closes: #1090852)
* patches: remove hunks changing paths in master.cf from
40_chroot_by_default.diff to 05_debian_defaults.diff
* rules,05_debian_defaults.diff: move postfix-files patching to rules
* patches: update debian-defaults.patch: rename from 05_debian_defaults.diff,
get parts from 06_debian_paths.diff to it
* rules: stop shipping doc.files in postfix-doc package, there's no need to
* 06_debian_paths.diff: remove
* main.cf.in: add comments and fill in some default values, so the new
main.cf has comments near the values which are set in postinst
-- Michael Tokarev <email address hidden> Fri, 20 Dec 2024 22:10:35 +0300
Available diffs
- diff from 3.9.1-7 to 3.9.1-8 (10.3 KiB)
postfix (3.9.1-7) unstable; urgency=medium
* the "let's break the toys" release part 1:
* completelty redesign postfix multi-instance systemd setup;
regular postfix service is back (and journalctl -u postfix etc);
postfix@- is gone. Pleas see the NEWS file for more details
(Closes: #1088862, #928187)
* `postfix start' now starts systemd postfix service and updates chroot
* do not ship /etc/postfix/makedefs.out symlink (to /usr/share/postfix/)
* do not include doc directories in postfix maps packages anymore, link to
the main package doc dir instead
* more cleanups for chroot setup and packaging
* packaging changes:
* maintscript: remove package names (defaults to $DPKG_MAINTSCRIPT_PACKAGE)
* d/.gitignore: ignore debian/files
* control: remove lsb-release build dep (forgotten after ${DEB_VENDOR} change
* postinst: postconf -hx not -h (to expand names)
* preinst: debconf is not used anymore
* rules: only install listed examples from conf/, not everything
* rules: use ${package} (in form of $mapbase) in foo-MAP generation script
too (another place previously forgotten)
* rules: move generated main.cf.debian & main.cf.dist from conf/ to meta/ -
avoids cleaning them up
* rules: keep original meta/postfix-files, create debian-specific in debian/
* rules: make install-map a macro (readability)
* rules: make doc dir for dynamic maps to be symlinks to main postfix package
* rules: fixup manpage naming (8postfix) at install time
* 41_rmail.diff: do not uncomment master.cf entry for uucp in 2024
* collapse various dynamic map README files into main README.Debian
* postinst &Co: perform (re)start in dpkg trigger
* postinst,main.cf.in: fix clarify cyrus_sasl_config_path setting
* d/main.cf.in: compatibility=3.9 for new install
* d/main.cf.in: reword myorigin comment
* d/postfix_groups.pl: drop, postfix can expand LDAP groups for a long time
* make main.cf.proto & master.cf.proto to be regular conffiles
* prerm: remove more dirs; rewrite
* postinst: remove very old (<<2.5) sasl-smtp[d]->smtp[d] rename
* postinst: drop permission fix from 2008 (2.5.0) for /var/lib/postfix
* postinst: drop pre-historic update-inetd call disabling smtp
* postinst,postrm: simplify file/dir permissions handling
* postinst: note we should create /etc/aliases on new install
even if no configuration is requested
* rules: it is /etc/network/if-down.d, not ip-down.d (thanks axhn)
* postinst,postrm,etc: stop messing with readme_directory
* suggest to use proxy: map for chrooted config in README.Debian
(Closes: #429742, #1003982)
* README.Debian: review /dev/log situation in chroot
* configure-instance: remove $queue_directory/etc/ssl/certs if chroot
is not in use
* configure-instance: do not copy nss modules from glibc (these are built-in);
add comments
* configure-instance: assume cleanup service is safe to be in chroot
(no extra setup needed)
* debian-run-configure-instance-from-create-missing.patch: move
configure-instance invocation to post-install script
* switch from postfix@-.service to postfix.service: breaking change
(#1088862 #928187)
* debian-re-run-startup-through-systemd.patch: redirect `postfix start'
to systemd
* postinst: detect if multi-instance was in use and warn the user
* add NEWS and README about changes wrt multiple instances
* control: remove systemd-dev build dependency
-- Michael Tokarev <email address hidden> Thu, 19 Dec 2024 12:13:23 +0300
Available diffs
- diff from 3.9.1-6 to 3.9.1-7 (24.0 KiB)
postfix (3.9.1-6) unstable; urgency=medium
* a "making some clean-ups, part 4" release (plus a bugfix)
* cp isn't able to cope with dangling symlinks when copying certs left
from the previous release. Fix by using find(1) to traverse the dest dir
and delete anything which does not look like a regular hashed cert file,
since we process the directory anyway. Closes: #1089836)
* simplify ip-up.d/ip-down.d/update-libc.d to just one line (cp -pLu)
and instal it everywhere. Do not trigger queue run in ifup, it is
not our job to know which interfaces to use for the trigger.
Just copy the file, glibc will pick it up on the next query.
* d/postfix.postfix-resolvconf.service: use the same simple cp command
here too, with Conditions
* install NetworkManager hook to update resolv.conf too
(Closes: 1070120, #1054064)
* d/rules rework:
- stop passing $CPPFLAGS $CFLAGS to PLUGIN_LD
- move common CCARGS/CONFARGS/AUXLIBS definition further up
- move shared-build options to separate place
- clean the cleaning
- drop custom $(DISTRO), use ${DEB_VENDOR} everywhere in an uniform way
- drop execute_before_dh_gencontrol (move to install)
- reorder install target to better group things together
- stop exporting buildflags - specify CC, the only var we use, directly
* d/control: actually mark postfix-mongodb as linux-any
(forgotten in previous upload)
* d/patches: 2 patches to support building on hurd
* postfix now builds on hurd, let's see how it works there
-- Michael Tokarev <email address hidden> Fri, 13 Dec 2024 19:41:09 +0300
Available diffs
- diff from 3.9.1-5 to 3.9.1-6 (6.6 KiB)
postfix (3.9.1-5) unstable; urgency=medium
* a "making some clean-ups, part 3" release
* rewrite of d/configure-instance.sh chroot setup script:
- remove some old files which shouldn't be there, like lib/libnss_s.so
or lib/mozilla/libnss.3 or lib/$otherarch/libnssdbm3.so
- stop re-writing whole chroot each time, use cp -u
- copy /etc/ssl/certs by hash only, so the result matches those on
host, not all of them like before
- copy just libnss_*.so.2 for the correct architecture
- stop creating dev/[u]random in chroot, device nodes in /var was
a long-standing issue. Cf. #572841
* d/{update-libc,ip-{up,down}}.d: just copy resolv.conf, no reload needed
(postfix uses system resolver, glibc picks up changes automatically)
add a note we only support default/main instance
* postfix-resolvconf: some updates
* remove cpio from Depends, downgrade ssl-cert to Recommends
(postfix uses ssl-snakeoil by default);
add ssl-cert dependency to tests, so it checks smtps
* drop very old (before buster) versioned deps
* d/rules,d/control: do not build postfix-mongodb on hurd
* provide (shorter) long Description for all packages directly in d/control
* stop moving dynamic maps manpages to postfix-MAP subpackages, provide
them in main postfix package
* remove stray debian-differences-main-cf.diff which was added mistakenly
* d/README.Debian: spelling: synchronizing
* d/po: run debconf-updatepo
-- Michael Tokarev <email address hidden> Fri, 13 Dec 2024 00:09:16 +0300
Available diffs
- diff from 3.9.1-4 to 3.9.1-5 (18.7 KiB)
postfix (3.9.1-4) unstable; urgency=medium
* a "making some clean-ups, part 2" release
* big changes in chroot setup (d/configure-instance.sh et al):
- rework ssl cert (/etc/ssl/certs et al) copying to chroot:
- simplify it, unroll the function
- remember and skip dirs we already handled
- copy just one directory deep
- more advanced master.cf reading; skip simple services: chroot wont be
updated if only postfix internal services are chrooted
- do not ship chroot files in /var/spool/postix/ (dev, etc, lib),
create them in configure-instance.sh for every instance instead
- remove /etc/passwd copying to chroot (was a hack for #65473)
- exit early if !SYNC_CHROOT or !NEED_CHROOT
- many small cleanups
* stop shipping var/spool/postfix/usr/lib/zoneinfo (long unused)
* run configure-instance.sh (for chroot) from within postfix-script,
so every invocation of `postfix start' will run it, not just the
startup scripts. Add a patch to upstream postfix-script.
This is to prepare for multiple instances mostly, and for consistency
* do not ship /etc/postfix/postfix-script & /etc/postfix/post-install
files anymore: they're long unused: actual files are /usr/share/postfix/.
rm_conffile for them
* drop main.cf.default & bounce.cf.default entirely - these are just
outputs of `postconf -d' and `postconf -b'.
* debian/postfix.init: rewrite the init script (simplify and normalize)
* d/tests:
- consolidate check and set-permissions tests
- run all tests (do not stop on first filure)
- show postfix logfile
* patches:
- add debian/gen-manpage-diff.sh
- regenerate 05_debian_manpage_differences.diff
- 05_debian_defaults.diff: refresh using diff -U1
- split out main.cf.tls to debian/main.cf.tls
* d/rules:
- fix old typo shlibs_directory => shlib_directory
- fix bad line split in previous upload
- sample_directory was never recognized by makedefs
- use ${package} in last few places
- always provide postfix:Provides variable
* d/NOTES: more notes, formatting
-- Michael Tokarev <email address hidden> Wed, 11 Dec 2024 17:01:58 +0300
Available diffs
- diff from 3.9.1-3 to 3.9.1-4 (12.0 KiB)
postfix (3.9.1-3) unstable; urgency=medium
* a "making some clean-ups, part 1" release
* rewrite d/rules install targets, making the install process more
understandable, grouping related parts together, adding comments, using
various variables in a consistent way, using available tools in consistent
manner, remove unnecessary indirection, clean up things here and there
* rework and simplify dynamic maps installation part further
* stop running newaliases on every install, attempt to run it just when
we modified aliases, and do it only once - if fails, print a warning
and continue. There's no need to run it on every upgrade or especially
at map installation time, since neither the format changed nor there
were any modifications in the input file during install. This allowed
to drop a lot of complexity in initscripts in alias handling part and
make whole thing much more robust in the end
* consolidate /etc/aliases handling in a single place. More work needed
* stop creating /etc/aliases on every install/upgrade when the user asked
for no debconf-based configuration
* stop building binaries when doing arch-indep build, only
run `make makefiles' and make manpages out of this.
* stop making makefiles for pure clean target when we haven't
run configure (make makefiles) step yet
* move RELEASE_NOTES from postfix-doc package to the main postfix package
* install older RELEASE_NOTES-* files in postfix-doc (Closes: #626648)
There's no good reason to omit them (they're rather small) but it is
handy to have them in the package. Can move them to main postfix
* move examples/main.cf.default and examples/bounce.cf.default from
postfix-doc package to the main postfix package because they're
built in arch-dependent build. Maybe we should stop shipping
main.cf.default entirely (it is just `postconf -d` output), but
bounce.cf.default should be in main package because it is a good
starting template for customizing bounce messages.
* drop postfix Build-Depends on e2fsprogs (chattr usaga has been removed)
* stop shipping README.proto
* d/rules: note html2text -nobs: we can not recreate original docs!
* remove some old, long-unneeded pieces from the postinst & preinst scripts
* d/NOTES: add random notes/thoughts
-- Michael Tokarev <email address hidden> Sun, 08 Dec 2024 10:28:58 +0300
Available diffs
- diff from 3.9.0-3 to 3.9.1-3 (40.2 KiB)
- diff from 3.9.1-2 to 3.9.1-3 (10.1 KiB)
postfix (3.9.1-2) unstable; urgency=medium
* d/gbp.conf: create, with the naming scheme like current practice
* d/postfix.lintian-overrides: update line numbers for template overrides
* d/rules: install only libposfix-foo.so libs, not all static libs
(stop shipping libmilter.a and libxsasl.a uselessly)
* d/rules,d/clean: stop renaming and removing collate.pl
* d/postfix.dirs: stop shipping var/log (it is not used by postfix)
* d/rules: remove unused variable TLSDOCFILES
* d/rules,d/functions: fix stupid typos in map installation scripts
(Closes: #1089170)
-- Michael Tokarev <email address hidden> Fri, 06 Dec 2024 19:51:22 +0300
Available diffs
- diff from 3.9.1-1 to 3.9.1-2 (1.8 KiB)
postfix (3.9.1-1) unstable; urgency=medium
[ Michael Tokarev ]
* New upstream version 3.9.1
* 40_chroot_by_default.diff: refresh
* postfix.postrm: stop removing /etc/systemd/system/postfix.service.d
(cf #851521)
* postfix.postrm: stop removing user and groups at package purge
(Closes: #705754)
* remove question about synchronous directory updates (Closes: #832953)
* d/rules: fix date -s vs -d in txt2man invocation
* d/rules: introduce ${prvlibdir} and ${daemondir} vars
and use them consistently; also use install -D in changed lines
* d/rules: simplify map installation and make it more robust
- use ${maps} to list dynamic map types
- replace a series of grep/mv invocation with a single sed -i
- make sample/readme/html stripping more robust - match by
/^\$readme_directory/ instead of just /readme/
(should invent some helper for postfix-files splitting)
- use stricter pattern in dynamicmaps instead of single-word "cdb"
- use install -D to create directory
- install manpages in the same place as maps
- make whole thing a bit easier to read
- remove d/postfix-*.dirs for maps
* consolidate and symplify dynamic-maps package creation (#1075756)
Fold all postfix-{cdb,lmdb,...}.{postinst,prerm} scripts into functions
in d/functions, and generate individual package scripts in d/rules as
calls to these functions. This reduces number of files in debian/
significantly, and makes the same code to be in single place so it's
easy to modify. Changes in behavior:
- treat alias_database as multi-element list, not a single
entry as before (it always has been plural despite the name).
It is still treated as singular in postfix.postinst.
- stop unregistering the map types during package upgrades
since it will be re-added back immediately (Closes: #1075756).
- nicer alignment of columns in the dynamicmaps.cf file.
* d/rules: set SHELL to "/bin/sh -e" to catch possible build errors
* d/triggers: rename to postfix.triggers
* d/init.d: rename to postfix.init
[ Andika Triwidada ]
* [INTL:id] Update Indonesian debconf translation for postfix
(Closes: #1084490)
-- Michael Tokarev <email address hidden> Fri, 06 Dec 2024 11:13:30 +0300
Available diffs
- diff from 3.9.0-4 to 3.9.1-1 (30.4 KiB)
postfix (3.9.0-4) unstable; urgency=medium
[ Scott Kitterman ]
* Disable Salsa CI reprotest job due to false positives
* Disable Salsa CI cross-build job due to we know it won't work,
so there's no point
* Remove obsolete d/postfix.postinst fixup content
* Restore add_root_alias, deleted in error
* Note that cyrus_sasl_config_path fixup in postinst can be removed
after Trixie release
* Add patch header to d/p/reproducible
[ Christian Göttsche ]
* salsa-ci: enable build_twice job
[ Michael Tokarev ]
* d/control: set Maintainer to <email address hidden>
* d/control: add myself to Uploaders
* Closes: #1087594
-- Michael Tokarev <email address hidden> Sat, 30 Nov 2024 10:19:24 +0300
postfix (3.9.0-3) unstable; urgency=medium
* Replace hard coding of config path for Cyrus SASL in
d/p/07_sasl_config.diff with setting the Debian location via
cyrus_sasl_config_path.
* Update creation of /var/spool/postfix in preinst to include -Z option so
that SE Linux security context is properly applied when SE Linux is
actived. Closes: #781776
* Bump standards-version to 4.7.0 without further change.
* Use raw strings in d/tests/testlib.py to fix SyntaxWarnings with Python
3.12.
-- Scott Kitterman <email address hidden> Thu, 18 Jul 2024 17:06:30 -0400
Available diffs
- diff from 3.9.0-2 to 3.9.0-3 (2.8 KiB)
| Published in bullseye-release |
postfix (3.5.25-0+deb11u1) bullseye; urgency=medium
[Wietse Venema]
* 3.5.25
- Bugfix (defect introduced: Postfix 2.3, date 20051222): the
Dovecot auth client did not reset the 'reason' from a
previous Dovecot auth service response, before parsing the
next Dovecot auth server response in the same SMTP session.
Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c.
- Cleanup: Postfix SMTP server response with an empty
authentication failure reason. File: smtpd/smtpd_sasl_glue.c.
- Bugfix (defect introduced: Postfix 3.1, date: 20151128):
"postqueue -j" produced broken JSON when escaping a control
character as \uXXXX. Found during code maintenance. File:
postqueue/showq_json.c.
- Cleanup: posttls-finger certificate match expectations for
all TLS security levels, including warnings for levels that
don't implement certificate matching. Viktor Dukhovni.
File: posttls-finger.c.
- Bugfix (defect introduced: Postfix 2.3): after prepending
a message header with a Postfix access table PREPEND action,
a Milter request to delete or update an existing header
could have no effect, or it could target the wrong instance
of an existing header. Root cause: the fix dated 20141018
for the Postfix Milter client was incomplete. The client
did correctly hide the first, Postfix-generated, Received:
header when sending message header information to a Milter
with the smfi_header() application callback function, but
it was still hiding the first header (instead of the first
Received: header) when handling requests from a Milter to
delete or update an existing header. Problem report by
Carlos Velasco. This change was verified to have no effect
on requests from a Milter to add or insert a header. File:
cleanup/cleanup_milter.c.
- Workaround: tlsmgr logfile spam. Some OS lies under load:
it says that a socket is readable, then it says that the
socket has unread data, and then it says that read returns
EOF, causing Postfix to spam the log with a warning message.
File: tlsmgr/tlsmgr.c.
- Bugfix (defect introduced: Postfix 3.4): the SMTP server's
BDAT command handler could be tricked to read $message_size_limit
bytes into memory. Found during code maintenance. File:
smtpd/smtpd.c.
- Performance: eliminate worst-case behavior where the queue
manager defers delivery to all destinations over a specific
delivery transport, after only a single delivery agent
failure. The scheduler now throttles one destination, and
allows deliveries to other destinations to keep making
progress. Files: *qmgr/qmgr_deliver.c.
- Safety: drop and log over-size DNS responses resulting in
more than 100 records. This 20x larger than the number of
server addresses that the Postfix SMTP client is willing
to consider when delivering mail, and is well below the
number of records that could cause a tail recursion crash
in dns_rr_append() as reported by Toshifumi Sakaguchi. This
also limits the number of DNS requests from check_*_*_access
restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c,
dns/test_dns_lookup.c, posttls-finger/posttls-finger.c,
smtp/smtp_addr.c, smtpd/smtpd_check.c.
-- Scott Kitterman <email address hidden> Sat, 09 Mar 2024 10:38:51 -0500
| Published in bookworm-release |
postfix (3.7.11-0+deb12u1) bookworm; urgency=medium
[Wietse Venema]
* 3.7.11
- Bugfix (defect introduced: Postfix 2.3, date 20051222): the
Dovecot auth client did not reset the 'reason' from a
previous Dovecot auth service response, before parsing the
next Dovecot auth server response in the same SMTP session.
Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c.
- Cleanup: Postfix SMTP server response with an empty
authentication failure reason. File: smtpd/smtpd_sasl_glue.c.
- Bugfix (defect introduced: Postfix 3.1, date: 20151128):
"postqueue -j" produced broken JSON when escaping a control
character as \uXXXX. Found during code maintenance. File:
postqueue/showq_json.c.
- Cleanup: posttls-finger certificate match expectations for
all TLS security levels, including warnings for levels that
don't implement certificate matching. Viktor Dukhovni.
File: posttls-finger.c.
- Bugfix (defect introduced: Postfix 2.3): after prepending
a message header with a Postfix access table PREPEND action,
a Milter request to delete or update an existing header
could have no effect, or it could target the wrong instance
of an existing header. Root cause: the fix dated 20141018
for the Postfix Milter client was incomplete. The client
did correctly hide the first, Postfix-generated, Received:
header when sending message header information to a Milter
with the smfi_header() application callback function, but
it was still hiding the first header (instead of the first
Received: header) when handling requests from a Milter to
delete or update an existing header. Problem report by
Carlos Velasco. This change was verified to have no effect
on requests from a Milter to add or insert a header. File:
cleanup/cleanup_milter.c.
- Workaround: tlsmgr logfile spam. Some OS lies under load:
it says that a socket is readable, then it says that the
socket has unread data, and then it says that read returns
EOF, causing Postfix to spam the log with a warning message.
File: tlsmgr/tlsmgr.c.
- Bugfix (defect introduced: Postfix 3.4): the SMTP server's
BDAT command handler could be tricked to read $message_size_limit
bytes into memory. Found during code maintenance. File:
smtpd/smtpd.c.
- Performance: eliminate worst-case behavior where the queue
manager defers delivery to all destinations over a specific
delivery transport, after only a single delivery agent
failure. The scheduler now throttles one destination, and
allows deliveries to other destinations to keep making
progress. Files: *qmgr/qmgr_deliver.c.
- Safety: drop and log over-size DNS responses resulting in
more than 100 records. This 20x larger than the number of
server addresses that the Postfix SMTP client is willing
to consider when delivering mail, and is well below the
number of records that could cause a tail recursion crash
in dns_rr_append() as reported by Toshifumi Sakaguchi. This
also limits the number of DNS requests from check_*_*_access
restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c,
dns/test_dns_lookup.c, posttls-finger/posttls-finger.c,
smtp/smtp_addr.c, smtpd/smtpd_check.c.
-- Scott Kitterman <email address hidden> Wed, 06 Mar 2024 10:10:14 -0500
postfix (3.9.0-2) unstable; urgency=medium
* Add debian/postfix-collate to debian/clean
* Restart postfix via trigger after new map type packages are added.
Closes: #1063772
* Add d/p/reproducible to restore AUXLIBS sort missed when original patch
was upstreamed. Closes: #1067483
-- Scott Kitterman <email address hidden> Tue, 02 Apr 2024 09:08:31 -0400
Available diffs
- diff from 3.8.6-1build2 (in Ubuntu) to 3.9.0-2 (300.2 KiB)
postfix (3.9.0-1) unstable; urgency=medium [Scott Kitterman] * Upload to unstable [Christian Göttsche] * Update lintian overrides -- Scott Kitterman <email address hidden> Mon, 18 Mar 2024 23:56:50 -0400
| Deleted in experimental-release (Reason: None provided.) |
postfix (3.9.0-1~exp1) experimental; urgency=medium
[Scott Kitterman]
* Refresh patches
* Delete d/p/Sort-list-of-AUXLIBS-for-reproducible-builds.patch,
incorporated upstream
* Update test-postfix.py for implementation of HELP in postfix 3.9
* Add support for mongodb
- New postfix-mongodb binary
- Add libmongoc-dev to build-depends
[Wietse Venema]
* 3.9.0
-- Scott Kitterman <email address hidden> Sun, 10 Mar 2024 04:47:22 -0400
postfix (3.8.6-1) unstable; urgency=medium
[Scott Kitterman]
* Remove lib/systemd/system-generators from d/postfix.dirs. Closes: #1059760
* Update with wrap-and-sort
* Refactor d/p/Sort-list-of-AUXLIBS-for-reproducible-builds.patch based on
upstream feedback
* Mark d/p/Sort-list-of-AUXLIBS-for-reproducible-builds.patch as forwarded
* Add libnsl-dev to build-depends, split from libc6-dev. Closes: #1065158
* Build-depend on pkgconf instead of obsolete pkg-config
[localization folks]
* l10n: Updated Swedish debconf translations. (Martin Bagge, Anders
Jonsson). Closes: #1061564
[Wietse Venema]
* 3.8.6
-- Scott Kitterman <email address hidden> Tue, 05 Mar 2024 10:24:36 -0500
Available diffs
- diff from 3.8.5-1 to 3.8.6-1 (17.7 KiB)
- diff from 3.8.5-1build2 (in Ubuntu) to 3.8.6-1 (17.9 KiB)
| Superseded in bullseye-release |
postfix (3.5.24-0+deb11u1) bullseye; urgency=medium
[Wietse Venema]
* 3.5.24
- Security (outbound SMTP smuggling): with the default setting
"cleanup_replace_stray_cr_lf = yes" Postfix will replace
stray <CR> or <LF> characters in message content with a
space character. This prevents Postfix from enabling
outbound (remote) SMTP smuggling, and it also makes evaluation
of Postfix-added DKIM etc. signatures independent from how
a remote mail server handles stray <CR> or <LF> characters.
Files: global/mail_params.h, cleanup/cleanup.c,
cleanup/cleanup_message.c, mantools/postlink, proto/postconf.proto.
- Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
= normalize" (default "no" for Postfix < 3.9), the Postfix
SMTP server requires the standard End-of-DATA sequence
<CR><LF>.<CR><LF>, and otherwise allows command or message
content lines ending in the non-standard <LF>, processing
them as if the client sent the standard <CR><LF>.
The alternative setting, "smtpd_forbid_bare_newline = reject"
will reject any command or message that contains a bare
<LF>, and is more likely to cause problems with legitimate
clients.
For backwards compatibility, local clients are excluded by
default with "smtpd_forbid_bare_newline_exclusions =
$mynetworks".
Files: mantools/postlink, proto/postconf.proto,
global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
smtpd/smtpd.c, smtpd/smtpd_check.[hc].
-- Scott Kitterman <email address hidden> Sat, 27 Jan 2024 10:21:04 -0500
| Superseded in bookworm-release |
postfix (3.7.10-0+deb12u1) bookworm; urgency=medium
[Wietse Venema]
* 3.7.10
- Security (outbound SMTP smuggling): with the default setting
"cleanup_replace_stray_cr_lf = yes" Postfix will replace
stray <CR> or <LF> characters in message content with a
space character. This prevents Postfix from enabling
outbound (remote) SMTP smuggling, and it also makes evaluation
of Postfix-added DKIM etc. signatures independent from how
a remote mail server handles stray <CR> or <LF> characters.
Files: global/mail_params.h, cleanup/cleanup.c,
cleanup/cleanup_message.c, mantools/postlink, proto/postconf.proto.
- Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
= normalize" (default "no" for Postfix < 3.9), the Postfix
SMTP server requires the standard End-of-DATA sequence
<CR><LF>.<CR><LF>, and otherwise allows command or message
content lines ending in the non-standard <LF>, processing
them as if the client sent the standard <CR><LF>.
The alternative setting, "smtpd_forbid_bare_newline = reject"
will reject any command or message that contains a bare
<LF>, and is more likely to cause problems with legitimate
clients.
For backwards compatibility, local clients are excluded by
default with "smtpd_forbid_bare_newline_exclusions =
$mynetworks".
Files: mantools/postlink, proto/postconf.proto,
global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
smtpd/smtpd.c, smtpd/smtpd_check.[hc].
-- Scott Kitterman <email address hidden> Fri, 26 Jan 2024 18:44:58 -0500
postfix (3.8.5-1) unstable; urgency=medium
[Wietse Venema]
* 3.8.5
[Christian Göttsche]
* Drop unnecessary manual hardening CFLAGS, drop unused variables,
drop obsolete suidunregister handling, and use generic destination
variable in more places
* Install systemd generator into canonical directory (Closes: #1059760)
* Rely on dh_lintian to install Lintian overrides
* Sort list of AUXLIBS for reproducible builds
* Add Documentation key to resolvconf service
-- Scott Kitterman <email address hidden> Mon, 22 Jan 2024 09:47:09 -0500
Available diffs
- diff from 3.8.4-1 to 3.8.5-1 (16.2 KiB)
postfix (3.8.4-1) unstable; urgency=medium [Wietse Venema] * 3.8.4 Closes: #1059230 -- Scott Kitterman <email address hidden> Fri, 22 Dec 2023 13:02:36 -0500
Available diffs
- diff from 3.8.3-1 to 3.8.4-1 (17.2 KiB)
postfix (3.8.3-1) unstable; urgency=medium [Helmut Grohne] * Install units using dh_installsystemd only. Closes: #1054485 [Wietse Venema] * 3.8.3 -- Scott Kitterman <email address hidden> Thu, 21 Dec 2023 13:43:33 -0500
Available diffs
- diff from 3.8.2-1 to 3.8.3-1 (3.3 KiB)
- diff from 3.8.2-1build1 (in Ubuntu) to 3.8.3-1 (3.4 KiB)
postfix (3.8.2-1) unstable; urgency=medium [Scott Kitterman] * Correct 3.8.1-2 debian/changelog entry [Wietse Venema] * 3.8.2 [localization folks] * l10n: Update Romanian debconf translations. (Remus-Gabriel Chelu) -- Scott Kitterman <email address hidden> Thu, 14 Sep 2023 14:08:10 -0400
Available diffs
- diff from 3.8.1-2 to 3.8.2-1 (5.4 KiB)
| Superseded in bookworm-release |
postfix (3.7.6-0+deb12u2) bookworm; urgency=medium
* Correct regression that caused postfix set-permissions to fail (Closes:
#1040329)
- Restore and update debian/patches/05_debian_manpage_differences.diff
- Restore and update debian/patches/05_debian_readme_differences.diff
* Update autopkgtest to test postfix set-permissions
-- Scott Kitterman <email address hidden> Wed, 05 Jul 2023 17:18:24 -0400
postfix (3.8.1-2) unstable; urgency=medium
[Scott Kitterman]
* Delete debian/patches/02_kfreebsd_support.diff, no longer needed
* Drop debian/patches/04_remove_gdbm_support.diff, obsolete
* Add/update patch headers, particularly Forwarded status
* Rename collate.pl patch to 71_debianize_collate.pl.diff
* Fix spelling error in d/changelog
* Do not use full path for ypcat and update-inetd in postinst and
suidunregister in preinst
* Update debconf templates
* Correct regression that caused postfix set-permissions to fail (Closes:
#1040329)
- Restore and update debian/patches/05_debian_manpage_differences.diff
- Restore and update debian/patches/05_debian_readme_differences.diff
* Update autopkgtest to test postfix set-permissions
[localization folks]
* l10n: Add Romanian debconf translations. Closes: #1039560 (Remus-Gabriel
-- Scott Kitterman <email address hidden> Thu, 06 Jul 2023 00:18:21 -0400
Available diffs
- diff from 3.8.1-1 to 3.8.1-2 (47.4 KiB)
postfix (3.8.1-1) unstable; urgency=medium
[Christian Göttsche]
* Bump _FORTIFY_SOURCE to level 3
* Enable stack clash protection
[Scott Kitterman]
* Refresh and udpate patches for 3.8.1
* Update default master.cf for new installs to comment out maildrop and
external delivery methods to match upstream, these all require additional
configuration. Closes: #1033346
* Delete unconditional call to fix_master and clarify wording of main.cf
status message in postfix.postinst. Closes: #1035350
* Minor wording improvements in d/po/templates.pot. Closes: #1028095
[Wietse Venema]
* 3.8.0 (Closes: #1036161)
* 3.8.1
-- Scott Kitterman <email address hidden> Sat, 10 Jun 2023 09:31:37 -0400
Available diffs
- diff from 3.7.5-2 to 3.8.1-1 (249.0 KiB)
postfix (3.7.5-2) unstable; urgency=medium
[Sergio Durigan Junior]
* Update autopkgtest to work with new sasl2-bin service file.
Closes: #1032306
-- Scott Kitterman <email address hidden> Wed, 03 May 2023 10:27:40 -0400
Available diffs
- diff from 3.7.4-2build1 (in Ubuntu) to 3.7.5-2 (14.5 KiB)
- diff from 3.7.5-1 to 3.7.5-2 (892 bytes)
postfix (3.7.5-1) unstable; urgency=medium
[Scott Kitterman]
* Fix typo in d/changelog
* Update d/watch to only look for 3.7.x updates for bookworm
[localization folks]
* l10n: Updated Turkish debconf translations. (Atila KOÇ). Closes: #1032459
[Wietse Venema]
* 3.7.5
- Bugfix (introduced: Postfix 3.4): the posttls-finger command
failed to detect that a connection was resumed in the case
that a server did not return a certificate. Viktor Dukhovni.
File: posttls-finger/posttls-finger.c.
- Workaround: OpenSSL 3.x EVP_get_cipherbyname() can return
lazily-bound handles. Postfix now checks that the expected
functionality will be available instead of failing later.
Fix by Viktor Dukhovni. File: tls/tls_server.c.
- Bugfix (introduced: Postfix 3.5): check_ccert_access did
not parse inline map specifications. Report and fix by Sean
Gallagher. File: global/map_search.c.
- Safety: the long form "{ name = value }" in import_environment
or export_environment is not documented, but accepted, and
it was stored in the process environment as the invalid
form "name = value", thus not setting or overriding an entry
for "name". This form is now stored as the expected
"name=value". Found during code maintenance. Also refined
the "missing attribute name" detection. Files: clean_env.c,
split_nameval.c.
- Bugfix (introduced: Postfix 3.2): the MySQL client could
return "not found" instead of "error" during the time that
all MySQL server connections were turned down after error.
Found during code maintenance. File: global/dict_mysql.c.
-- Scott Kitterman <email address hidden> Sun, 30 Apr 2023 13:53:55 -0400
| Superseded in bullseye-release |
postfix (3.5.18-0+deb11u1) bullseye; urgency=medium
[Wietse Venema]
* 3.5.18
- Bugfix (introduced: Postfix 2.2): the smtpd_proxy_client
code mis-parsed the last XFORWARD attribute name in the
SMTP server's EHLO response. The result was that the
smtpd_proxy_client code failed to forward the IDENT attribute.
Fix by Andreas Weigel. File: smtpd/smtpd_proxy.c.
- Portability: LINUX6 support. Files: makedefs, util/sys_defs.h.
- Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
lazily bound handles that may fail to work when one attempts
to use them, because no provider search happens until one
constructs an actual operation context. In sufficiently
hostile configurations, Postfix could mistakenly believe
that an algorithm is available, when in fact it is not. A
similar workaround may be needed for EVP_get_cipherbyname().
Fix by Viktor Dukhovni. Files: tls/tls.h, tls/tls_dane.c,
tls/tls_fprint.c, tls/tls_misc.c.
- Bugfix (introduced: Postfix 2.11): the checkok() macro in
tls/tls_fprint.c evaluated its argument unconditionally;
it should evaluate the argument only if there was no prior
error. Found during code review. File: tls/tls_fprint.c.
- Foolproofing: postscreen segfault with postscreen_dnsbl_threshold
< 1. It should reject such input with a fatal error instead.
Discovered by Benny Pedersen. File: postscreen/postscreen.c.
- Bugfix (introduced: Postfix 2.7): the verify daemon logged
a garbled cache name when terminating a cache scan in
progress. Reported by Phil Biggs, fix by Viktor Dukhovni.
File: util/dict_cache.c.
- Workaround: STRREF() macro to shut up compiler warnings for
legitimate string comparison expressions. Back-ported from
Postfix 3.6 and later. Files: util/stringops.h, flush/flush.c.
- Workaround for a breaking change in OpenSSL 3: always turn
on SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages
and missed opportunities for TLS session reuse. This is
safe because the SMTP protocol implements application-level
framing, and is therefore not affected by TLS truncation
attacks. Fix by Viktor Dukhovni. Files: tls/tls.h, tls_client.c,
tls/tls_server.c.
-- Scott Kitterman <email address hidden> Sat, 21 Jan 2023 20:17:03 -0500
postfix (3.7.4-2) unstable; urgency=medium [Christian Göttsche] * Add patch to disable LD_LIBRARY_PATH check * Update postfix homepage supporting https * Merge restorecon calls * d/postinst: fix mixed indentation * Quote variables and command output in scripts * Drop upgrade handling against ancient versions * Drop unnecessary script include * Do not manually stop and restart postfix.service * Switch to PCRE2 (Closes: #999988) [Scott Kitterman] * Build depend on libldap-dev instead of transitional libldap2-dev * Update lintian overrides * Drop ancient Breaks/Replaces on postfix 3.1.3-7~ -- Scott Kitterman <email address hidden> Tue, 24 Jan 2023 09:33:52 -0500
Available diffs
- diff from 3.7.3-4 to 3.7.4-2 (16.3 KiB)
postfix (3.7.4-1) unstable; urgency=medium [Scott Kitterman] * Drop d/p/support_linux6, addressed upstream * Drop depends on obsolete package lsb-base [Wietse Venema] * 3.7.4 (Closes: #1011040) (LP: #1995312) [Sven Joachim] * Replace deprecated c_reshash with openssl rehash (Closes: #895089) [localization folks] * l10n: Updated German debconf translations. (Markus Hiereth) Closes: #1029113 -- Scott Kitterman <email address hidden> Sat, 21 Jan 2023 20:03:33 -0500
postfix (3.7.3-4) unstable; urgency=medium
* Also add LINUX6 to sys_defs.h (thanks to Bo YU for the fix).
Closes: #1028600
-- Scott Kitterman <email address hidden> Fri, 13 Jan 2023 18:42:01 -0500
Available diffs
- diff from 3.7.3-2build1 (in Ubuntu) to 3.7.3-4 (18.3 KiB)
- diff from 3.7.3-3 to 3.7.3-4 (588 bytes)
postfix (3.7.3-3) unstable; urgency=medium
[Scott Kitterman]
* Add support for Linux 6 as a Linux major version in makedefs
* Remove obsolete debian/postfix.NEWS
* Update debian/copyright
* Bump standards-version to 4.6.2 without further change
[Gioele Barabucci]
* d/postfix.postinst: Use sed instead of perl
[Daniel Shahaf]
* Fix generic maps terminology in README.Debian. Closes: #1006345
[localization folks]
* l10n: Updated Dutch debconf translations. (Frans Spiesschaert)
Closes: #1004316, #1025842
* l10n: Updated Brazilian Portuguese debconf translations. (Paulo Henrique
de Lima Santana) Closes: #1024200
* l10n: Updated German debconf translations. (Markus Hiereth)
Closes: #1004011
-- Scott Kitterman <email address hidden> Wed, 11 Jan 2023 11:02:33 -0500
Available diffs
| Superseded in bullseye-release |
postfix (3.5.17-0+deb11u1) bullseye; urgency=medium
[Scott Kitterman]
* Delete debian/patches/postfix-dup-postconf.patch, earlier backport now
upstream (from 3.5.14)
[Wietse Venema]
* 3.5.14
- Bugfix (introduced: 20210708): duplicate bounce_notice_recipient
entries in postconf output. The fix to send SMTP session
transcripts to bounce_notice_recipient was incomplete.
Reported by Vincent Lefevre. File: smtpd/smtpd.c.
- Bugfix (introduced: Postfix 3.0): the proxymap daemon did
not automatically authorize proxied maps inside pipemap
(example: pipemap:{proxy:maptype:mapname, ...}) or inside
unionmap. Problem reported by Mirko Vogt. Files:
proxymap/proxymap.c.
- Bugfix (introduced: Postfix 2.5): off-by-one error while
writing a string terminator. This code had passed all memory
corruption tests, presumably because it wrote over an
alignment padding byte, or over an adjacent character byte
that was never read. Reported by Robert Siemer. Files:
*qmgr/qmgr_feedback.c.
- Cleanup: added missing _maps parameter names to the
proxy_read_maps default value, based on output from the
mantools/missing-proxy-read-maps script. File:
global/mail_params.h.
* 3.5.15
- Bitrot: Glibc 2.34 implements closefrom(). File:
util/sys_defs.h.
- Bitrot: Berkeley DB 18 is like Berkeley DB 6. Yasuhiro
Kimura. File: util/dict_db.c.
* 3.5.16
- Cleanup: added missing _checks, _reply_footer, _reply_filter,
_command_filter, and _delivery_status_filter parameter names
to the proxy_read_maps default value. Files: global/mail_params.h,
mantools/missing-proxy-read-maps.
- Bugfix: in an internal client module, "host or service not
found" was a fatal error, causing the milter_default_action
setting to be ignored. It is now a non-fatal error. The
same client is used by many Postfix clients (smtpd_proxy,
dovecot auth, tcp_table, memcache, socketmap, and so on).
Problem reported by Christian Degenkolb. File: util/inet_connect.c.
- Cleanup (problem introduced: Postfix 3.0): with dynamic map
loading enabled, an attempt to create a map with "postmap
regexp:path" would result in a bogus error message "Is the
postfix-regexp package installed?" instead of "unsupported
map type for this operation". This happened with all built-in
map types (static, cidr, etc.) that have no 'bulk create'
support. Problem reported by Greg Klanderman. File:
global/dynamicmaps.c.
- Cleanup (problem introduced: Postfix 2.7): milter_header_checks
maps are now opened before the cleanup server enters the
chroot jail. Problem reported by Jesper Dybdal. Files:
cleanup/cleanup.h, cleanup/cleanup_init.c,
cleanup/cleanup_milter.c, cleanup/cleanup_state.c.
* 3.5.17
- Cleanup: Postfix 3.5.0 introduced debug logging noise in
map_search_create(). Files: global/map_search.c.
- Workaround: in a TLS server disable Postfix's 1-element
internal session cache, to work around an OpenSSL 3.0
regression that broke TLS handshakes. It is rarely useful.
Report by Spil Oss, fix by Viktor Dukhovni. File:
tls/tls_server.c.
- Cleanup: Postfix 3.3.0 introduced an uninitialized
verify_append() request status in case of a null original
recipient address. File: global/verify.c.
- Cleanup: Postfix 3.5.16 introduced a missing msg_panic()
argument (in code that never executes). File:
cleanup/cleanup_milter.c.
-- Scott Kitterman <email address hidden> Tue, 11 Oct 2022 22:30:59 -0400
postfix (3.7.3-2) unstable; urgency=medium * Update autopkgtest expected return code for 3.7 changes -- Scott Kitterman <email address hidden> Sun, 09 Oct 2022 01:33:38 -0400
Available diffs
- diff from 3.6.4-1ubuntu2 (in Ubuntu) to 3.7.3-2 (425.8 KiB)
postfix (3.7.3-1) unstable; urgency=medium
[Scott Kitterman]
* Add postfix-resolvconf.path/service to watch for resolv.conf changes and
restart postfix using the existing hook if it is updated. Closes: #1003152
* Document in README.Debian that new postfix-resolvconf.path/service files
need to be manually enabled if needed and override dh_installsystemd to
that effect
* Delete unused postfix lintian overrides
* Fix spelling error in debian/postfix.postinst
* Refresh patches, delete 05_debian_manpage_differences.diff and
05_debian_readme_differences.diff, no longer needed
[Wietse Venema]
* 3.7.3 Closes: #1017313
-- Scott Kitterman <email address hidden> Sat, 08 Oct 2022 19:36:05 -0400
| Published in buster-release |
postfix (3.4.23-0+deb10u1) buster; urgency=medium
[Scott Kitterman]
* Refresh patches
* Update d/p/70_postfix-check.diff to exclude makedefs.out from synlink
check. Closes: #926331
* Do not override user set default_transport in postinst. Closes: #988538
* Add information about keeping resolv.conf up to date in the chroot with
the resolvconf package. Closes: #964762
[Sergio Gelato]
* Correct if-up.d to not error out if postfix can't send mail yet.
Closes: #959864
[Paride Legovini]
* d/postfix.postinst: tolerate search domain with a leading dot.
Closes: #991950
[Wietse Venema]
* 3.4.15
- Bugfix (introduced: Postfix 3.0): minor memory leaks in the
Postfix TLS library, found during tests. File: tls/tls_misc.c.
- Bugfix (introduced: Postfix 3.0): 4kbyte per session memory
leak in the Postfix TLS library, found during tests. File:
tls/tls_misc.c.
- Workaround for distros that override Postfix protocol
settings in a system-wide OpenSSL configuration file, causing
interoperability problems after an OS update. File:
tls/tls_client.c, tls/tls_server.c.
* 3.4.16
- Bugfix (introduced: Postfix 3.4.15): part of a memory leak
fix was backported to the wrong place. File: tls/tls_misc.c.
- The Postfix 3.4.15 workaround did not explictly override
the system-wide OpenSSL configuration of allowed TLS protocol
versions, for sessions where the remote SMTP client sends
SNI. It's better to be safe than sorry. File: tls/tls_server.c.
* 3.4.17
- Bugfix (introduced: Postfix 3.4, already fixed in Postfix
3.6): tlsproxy(8) was using the wrong DANE macro for
connections with DANE trust anchors or with non-DANE trust
anchors (WTF: Thorsten Habich found this bug in the use
case that has nothing to do with DANE). This resulted in a
global certificate verify function pointer race, between
TLS handshakes that use TLS trust achors and handshakes
that use PKI. No memory was corrupted in the course of all
this. Viktor Dukhovni. File: tlsproxy/tlsproxy.c.
- Cleanup: the posttls-finger '-X' option reported a false
conflict with '-r'. File: posttls-finger/posttls-finger.c.
* 3.4.18
- Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
ignored table lookup errors, treating them as 'not found'.
Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
- Bugfix (introduced: Postfix 2.3): when deleting a recipient
with a milter, delete the recipient from the duplicate
filter, so that the recipient can be added back. Backported
from Postfix 3.6. Files: global/been_here.[hc],
cleanup/cleanup_milter.c.
- Bugfix (introduced: before Postfix alpha): the code that
looks for Delivered-To: headers ignored headers longer than
$line_length_limit. Backported from Postfix 3.6. File:
global/delivered_hdr.c.
- Bugfix (introduced: Postfix 2.8): save a copy of the
postscreen_dnsbl_reply_map lookup result. This has no effect
when the recommended texthash: look table is used, but it
may avoid stale data with other lookup tables. File:
postscreen/postscreen_dnsbl.c.
- Bugfix (introduced: Postfix 2.2): after processing an
XCCLIENT command, the smtps service was waiting for a TLS
handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
- Bugfix (introduced: Postfix 2.3): static maps did not free
their casefolding buffer. File: util/dict_static.c.
* 3.4.19
- Feature: when a Postfix program makes a DNS query that
requests DNSSEC validation (usually for Postfix DANE support)
but the DNS response is not DNSSEC validated, Postfix will
send a DNS query configured with the "dnssec_probe" parameter
to determine if DNSSEC support is available, and logs a
warning if it is not. By default, the probe has type "ns"
and domain name ".". The probe is sent once per process
lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c,
test_dns_lookup.c, global/mail_params.[hc], mantools/postlink.
- The default "smtp_tls_dane_insecure_mx_policy = dane" was
causing unnecessary dnssec_probe activity. The default is now
"dane" when smtp_tls_security_level is "dane", otherwise it is
"may". File: global/mail_params.h.
* 3.4.20
- Missing null pointer checks (introduced: Postfix 3.4) after
an internal I/O error during the smtp(8) to tlsproxy(8)
handshake. Found by Coverity, reported by Jaroslav Skarvada.
Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
- Null pointer bug (introduced: Postfix 3.0) and memory leak
(introduced: Postfix 3.4) after an inline: table syntax
error in main.cf or master.cf. Found by Coverity, reported
by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
util/dict_inline.c.
- Incomplete null pointer check (introduced: Postfix 2.10)
after truncated HaProxy version 1 handshake message. Found
by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
Dukhovni. File: global/haproxy_srvr.c.
- Missing null pointer check (introduced: Postfix alpha) after
null argv[0] value. File: global/mail_task.c.
* 3.4.21
- Bugfix (introduced: Postfix 2.11): the command "postmap
lmdb:/file/name" handled duplicate keys ungracefully,
discarding entries stored up to and including the duplicate
key, and causing a double free() call with lmdb versions
0.9.17 and later. Reported by Adi Prasaja; double free()
root cause analysis by Howard Chu. File: util/slmdb.c.
- Typo (introduced: Postfix 3.4): silent_discard should be
silent-discard. File: proto/BDAT_README.html.
- Support for Postfix 3.6 compatibility_level syntax, to avoid
fatal runtime errors when rolling back from Postfix 3.6 to
an earlier supported version, or when sharing Postfix 3.6
configuration files with an earlier supported Postfix
version. File: global/mail_params.c.
* 3.4.22
- Bugfix (introduced: Postfix 3.4): the texthash: map
implementation did not support "postmap -F" behavior.
Reported by Christopher Gurnee, who also found the missing
code in the postmap source. File: util/dict_thash.c.
- Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too
large" (ERANGE) errors because an strtol() call had no 'errno
= 0' statement before the call. Back-ported from Postfix 3.6.
Files: postscreen/postscreen_tests.c, util/mac_expand.c.
- Bugfix (introduced: Postfix 3.3): "null pointer read" error
in the cleanup daemon when "header_from_format = standard"
(the default as of Postfix 3.3) and email was submitted
with /usr/sbin/sendmail without From: header, and an all-space
full name was specified in 1) the password file, 2) with
"sendmail -F", or 3) with the NAME environment variable.
Found by Renaud Metrich. File: cleanup/cleanup_message.c.
(Closes: #968057)
- Bugfix (introduced: 1999): the Postfix SMTP server was
sending all session transcripts to the error_notice_recipient,
instead of sending transcripts of bounced mail to the
bounce_notice_recipient. File: smtpd/smtpd_chat.c.
- Bugfix (introduced: Postfix 2.4): false "too many reverse
jump" warnings in the showq daemon. The loop detection code
was comparing memory addresses instead of queue file names.
It now properly compares strings. Reported by Mehmet Avcioglu.
File: global/record.c.
* 3.4.23
- Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c.
- Bugfix (bug introduced: Postfix 2.10): postconf -x produced
incorrect output, because different functions were implicitly
sharing a buffer for intermediate results. Reported
by raf, root cause analysis by Viktor Dukhovni. File:
postconf/postconf_builtin.c.
- Bugfix (problem introduced: Postfix 2.11): check_ccert_access
worked as expected, but produced a spurious warning when
Postfix was built without SASL support. Fix by Brad Barden.
File: smtpd/smtpd_check.c.
- Bugfix (introduced: Postfix 2.4): queue file corruption
after a Milter (for example, MIMEDefang) made a request to
replace the message body with a copy of that message body
plus additional text (for example, a SpamAssassin report).
The most likely impacts were a) the queue manager reporting
a fatal error resulting in email delivery delays, or b) the
queue manager reporting the corruption and moving the message
to the corrupt queue for damaged messages.
However, a determined adversary could craft an email message
that would trigger the bug, and insert a content filter
destination or a redirect email address into its queue file.
Postfix would then deliver the message headers there, in
most cases without delivering the message body. With enough
experimentation, an attacker could make Postfix deliver
both the message headers and body.
The details of a successful attack depend on the Milter
implementation, and on the Postfix and Milter configuration
details; these can be determined remotely through
experimentation. Failed experiments may be detected when
the queue manager terminates with a fatal error, or when
the queue manager moves damaged files to the "corrupt" queue
as evidence.
Technical details: when Postfix executes a "replace body"
Milter request it will reuse queue file storage that was
used by the existing email message body. If the new body
is larger, Postfix will append body content to the end of
the queue file. The corruption happened when a Milter (for
example, MIMEDefang) made a request to replace the body of
a message with a new body that contained a copy of the
original body plus some new text, and the original body
contained a line longer than $line_length_limit bytes (for
example, an image encoded in base64 without hard or soft
line breaks). In queue files, Postfix stores a long text
line as multiple records with up to $line_length_limit bytes
each. Unfortunately, Postfix's "replace body" support did
not account for the additional queue file space needed to
store the second etc. record headers. And thus, the last
record(s) of a long text line could overwrite one or more
queue file records immediately after the space that was
previously occupied by the original message body.
Problem report by Benoît Panizzon.
* Fix duplicate bounce_notice_recipient entries in postconf output.
Closes: #999694
[Andreas Hasenack]
* Fix autopkgtest so it works and uses python3
-- Scott Kitterman <email address hidden> Fri, 07 Jan 2022 11:04:17 -0500
| Superseded in bullseye-release |
postfix (3.5.13-0+deb11u1) bullseye; urgency=medium
[Scott Kitterman]
* Update debian/watch to track v3.5 versions for stable updates
* Refresh patches
* Include compatibility_level in addition to postifx version when
determining default value for chroot in master.cf. Closes: #995129
* Fixup errors in postifx-add-* man pages. Closes: #995031
* Update main/master.cf.proto on upgrade if not modified. Closes: #991513
* Update d/p/70_postfix-check.diff to exclude makedefs.out from synlink
check. Closes: #926331
* Test that nothing is reported by postfix check in autopkgtest
* Do not override user set default_transport in postinst. Closes: #988538
* Add information about keeping resolv.conf up to date in the chroot with
the resolvconf package. Closes: #964762
[Sergio Gelato]
* Correct if-up.d to not error out if postfix can't send mail yet.
Closes: #959864
[Miriam España Acebal]
* Removed LDFLAG -Bsymbolic-functions to fix issue where TLS is disabled
when private/tlmsgr socket is not found. lp: #1885403
[Paride Legovini]
* d/postfix.postinst: tolerate search domain with a leading dot.
Closes: #991950
[Wietse Venema]
* 3.5.7
- Bugfix (introduced: Postfix 3.4, already fixed in Postfix
3.6): tlsproxy(8) was using the wrong DANE macro for
connections with DANE trust anchors or with non-DANE trust
anchors (WTF: Thorsten Habich found this bug in the use
case that has nothing to do with DANE). This resulted in a
global certificate verify function pointer race, between
TLS handshakes that use TLS trust achors and handshakes
that use PKI. No memory was corrupted in the course of all
this. Viktor Dukhovni. File: tlsproxy/tlsproxy.c.
- Cleanup: the posttls-finger '-X' option reported a false
conflict with '-r'. File: posttls-finger/posttls-finger.c.
* 3.5.8
- Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
ignored table lookup errors, treating them as 'not found'.
Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
- Bugfix (introduced: Postfix 2.3): when deleting a recipient
with a milter, delete the recipient from the duplicate
filter, so that the recipient can be added back. Backported
from Postfix 3.6. Files: global/been_here.[hc],
cleanup/cleanup_milter.c.
- Bugfix (introduced: before Postfix alpha): the code that
looks for Delivered-To: headers ignored headers longer than
$line_length_limit. Backported from Postfix 3.6. File:
global/delivered_hdr.c.
- Bugfix (introduced: Postfix 2.8): save a copy of the
postscreen_dnsbl_reply_map lookup result. This has no effect
when the recommended texthash: look table is used, but it
may avoid stale data with other lookup tables. File:
postscreen/postscreen_dnsbl.c.
- Bugfix (introduced: Postfix 2.2): after processing an
XCCLIENT command, the smtps service was waiting for a TLS
handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
- Bugfix (introduced: Postfix 2.3): static maps did not free
their casefolding buffer. File: util/dict_static.c.
- Bugfix (introduced: Postfix 3.5): the Postfix SMTP client
broke message headers longer than $line_length_limit, causing
subsequent header content to become message body content.
Reported by Andreas Weigel, fix by Viktor Dukhovni. File:
smtp/smtp_proto.c.
* 3.5.9
- Feature: when a Postfix program makes a DNS query that
requests DNSSEC validation (usually for Postfix DANE support)
but the DNS response is not DNSSEC validated, Postfix will
send a DNS query configured with the "dnssec_probe" parameter
to determine if DNSSEC support is available, and logs a
warning if it is not. By default, the probe has type "ns"
and domain name ".". The probe is sent once per process
lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c,
test_dns_lookup.c, global/mail_params.[hc], mantools/postlink.
- The default "smtp_tls_dane_insecure_mx_policy = dane" was
causing unnecessary dnssec_probe activity. The default is now
"dane" when smtp_tls_security_level is "dane", otherwise it is
"may". File: global/mail_params.h.
* 3.5.10
- Missing null pointer checks (introduced: Postfix 3.4) after
an internal I/O error during the smtp(8) to tlsproxy(8)
handshake. Found by Coverity, reported by Jaroslav Skarvada.
Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
- Null pointer bug (introduced: Postfix 3.0) and memory leak
(introduced: Postfix 3.4) after an inline: table syntax
error in main.cf or master.cf. Found by Coverity, reported
by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
util/dict_inline.c.
- Incomplete null pointer check (introduced: Postfix 2.10)
after truncated HaProxy version 1 handshake message. Found
by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
Dukhovni. File: global/haproxy_srvr.c.
- Missing null pointer check (introduced: Postfix alpha) after
null argv[0] value. File: global/mail_task.c.
* 3.5.11
- Bugfix (introduced: Postfix 2.11): the command "postmap
lmdb:/file/name" handled duplicate keys ungracefully,
discarding entries stored up to and including the duplicate
key, and causing a double free() call with lmdb versions
0.9.17 and later. Reported by Adi Prasaja; double free()
root cause analysis by Howard Chu. File: util/slmdb.c.
- Typo (introduced: Postfix 3.4): silent_discard should be
silent-discard. File: proto/BDAT_README.html.
- Support for Postfix 3.6 compatibility_level syntax, to avoid
fatal runtime errors when rolling back from Postfix 3.6 to
an earlier supported version, or when sharing Postfix 3.6
configuration files with an earlier supported Postfix
version. File: global/mail_params.c.
* 3.5.12
- Bugfix (introduced: Postfix 3.4): the texthash: map
implementation did not support "postmap -F" behavior.
Reported by Christopher Gurnee, who also found the missing
code in the postmap source. File: util/dict_thash.c.
- Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too
large" (ERANGE) errors because an strtol() call had no 'errno
= 0' statement before the call. Back-ported from Postfix 3.6.
Files: postscreen/postscreen_tests.c, util/mac_expand.c.
- Bugfix (introduced: Postfix 3.3): "null pointer read" error
in the cleanup daemon when "header_from_format = standard"
(the default as of Postfix 3.3) and email was submitted
with /usr/sbin/sendmail without From: header, and an all-space
full name was specified in 1) the password file, 2) with
"sendmail -F", or 3) with the NAME environment variable.
Found by Renaud Metrich. File: cleanup/cleanup_message.c.
(Closes: #968057)
- Bugfix (introduced: 1999): the Postfix SMTP server was
sending all session transcripts to the error_notice_recipient,
instead of sending transcripts of bounced mail to the
bounce_notice_recipient. File: smtpd/smtpd_chat.c.
- Bugfix (introduced: Postfix 2.4): false "too many reverse
jump" warnings in the showq daemon. The loop detection code
was comparing memory addresses instead of queue file names.
It now properly compares strings. Reported by Mehmet Avcioglu.
File: global/record.c.
* 3.5.13
- Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c.
- Bugfix (bug introduced: Postfix 2.10): postconf -x produced
incorrect output, because different functions were implicitly
sharing a buffer for intermediate results. Reported
by raf, root cause analysis by Viktor Dukhovni. File:
postconf/postconf_builtin.c.
- Bugfix (problem introduced: Postfix 2.11): check_ccert_access
worked as expected, but produced a spurious warning when
Postfix was built without SASL support. Fix by Brad Barden.
File: smtpd/smtpd_check.c.
- Bugfix (introduced: Postfix 2.4): queue file corruption
after a Milter (for example, MIMEDefang) made a request to
replace the message body with a copy of that message body
plus additional text (for example, a SpamAssassin report).
The most likely impacts were a) the queue manager reporting
a fatal error resulting in email delivery delays, or b) the
queue manager reporting the corruption and moving the message
to the corrupt queue for damaged messages.
However, a determined adversary could craft an email message
that would trigger the bug, and insert a content filter
destination or a redirect email address into its queue file.
Postfix would then deliver the message headers there, in
most cases without delivering the message body. With enough
experimentation, an attacker could make Postfix deliver
both the message headers and body.
The details of a successful attack depend on the Milter
implementation, and on the Postfix and Milter configuration
details; these can be determined remotely through
experimentation. Failed experiments may be detected when
the queue manager terminates with a fatal error, or when
the queue manager moves damaged files to the "corrupt" queue
as evidence.
Technical details: when Postfix executes a "replace body"
Milter request it will reuse queue file storage that was
used by the existing email message body. If the new body
is larger, Postfix will append body content to the end of
the queue file. The corruption happened when a Milter (for
example, MIMEDefang) made a request to replace the body of
a message with a new body that contained a copy of the
original body plus some new text, and the original body
contained a line longer than $line_length_limit bytes (for
example, an image encoded in base64 without hard or soft
line breaks). In queue files, Postfix stores a long text
line as multiple records with up to $line_length_limit bytes
each. Unfortunately, Postfix's "replace body" support did
not account for the additional queue file space needed to
store the second etc. record headers. And thus, the last
record(s) of a long text line could overwrite one or more
queue file records immediately after the space that was
previously occupied by the original message body.
Problem report by Benoît Panizzon.
* Fix duplicate bounce_notice_recipient entries in postconf output.
Closes: #999694
-- Scott Kitterman <email address hidden> Fri, 07 Jan 2022 00:14:16 -0500
postfix (3.6.4-1) unstable; urgency=medium [Scott Kitterman] * Ignore changes to html files in debian/source/options * Delete d/p/postfix-dup-postconf.patch, included in upstream release * Add lintian-override for insecure URI - releases are signed * Make signing-key.asc minimal [Wietse Venema] * 3.6.4 [Christian Göttsche] * Rework rules to use dh sequencer * Call subcommand via shell * Update cleaning to build package twice * Bump to debhelper compat level 13 * Drop default include path and split CCARGS * Use mkdir -Z instead of subsequent running restorecon * Drop custom function pathfind in favor of command -v * Quote path in update-libc.d * Update postfix.config * Quote directory path in postfix-instance-generator * Drop check on postinst.functions in postfix-sqlite.prerm * Update postfix-add-policy script * Update postfix-add-filter script * Drop versioned symlinks to plugin libraries * Drop ldconfig calls in maintscripts * Support parallel build, except do not build man pages parallel -- Scott Kitterman <email address hidden> Sat, 15 Jan 2022 18:41:26 -0500
postfix (3.6.3-5) unstable; urgency=medium
[Wietse Venema]
* Fix duplicate bounce_notice_recipient entries in postconf output.
Closes: #999694
[Scott Kitterman]
* Remove left-over ca-certificates.crt file from postfix chroot.
Closes: #991609
* Align sysv init script start/stop/reload more to default init and drop
d/p/09_quiet_startup.diff, no longer needed.
* Add support for chroot_extra_files and chroot_extra_CAdir variables
sourced from /etc/default/postfix to enable users to specify additional
files needed in the chroot. Closes: #948321
* Add information about keeping resolv.conf up to date in the chroot with
the resolvconf package. Closes: #964762
* Add collate.pl script as postfix-collate. Closes: #941457
[Christian Göttsche]
* Drop unreproducible build paths from makedefs.out.
* Enable Link Time Optimiation (LTO).
[Sergio Gelato]
* Correct if-up.d to not error out if postfix can't send mail yet.
Closes: #959864
-- Scott Kitterman <email address hidden> Tue, 04 Jan 2022 15:20:02 -0500
postfix (3.6.3-4) unstable; urgency=medium
[Scott Kitterman]
* Update d/p/70_postfix-check.diff to exclude makedefs.out from symlink
check. Closes: #926331
* Test that nothing is reported by postfix check in autopkgtest
* Delete debian/patches/30_shared_libs.diff, no longer needed after linking
corrections in debian/rules
* Do not override user set default_transport in postinst. Closes: #988538
* Add overrides for incorrect unused-debconf-template results
* Update debconf templates
[Christian Göttsche]
* Overhaul compiler flags
* Ignore blhc false positives on for loop
* Drop linking against local build libraries
-- Scott Kitterman <email address hidden> Tue, 28 Dec 2021 17:00:40 -0500
postfix (3.6.3-3) unstable; urgency=medium
[Scott Kitterman]
* Force rm of html/Makefile.in in install-indep to avoid potential FTBFS.
Closes: #1002497
* Make all debian/rules rm calls -f to support building when not root
[Christian Göttsche]
* Enable building with multiple jobs
* Drop unnecessary linking libraries
-- Scott Kitterman <email address hidden> Sat, 25 Dec 2021 16:47:41 -0500
postfix (3.6.3-2) unstable; urgency=medium
[Scott Kitterman]
* Add postfix-mta-sts-resolver to suggests. Closes: #968516
* Include compatibility_level in addition to postifx version when
determining default value for chroot in master.cf. Closes: #995129
* Fixup errors in postifx-add-* man pages. Closes: #995031
* Set compatibility level to 3.6 for fresh installs
* Update main/master.cf.proto on upgrade if not modified. Closes: #991513
* Decruft debconf template:
- Remove ancient (postfix 2.3) mydomain_warning
- Delete old (Postfix 2.10) relay_restrictions_warning
- Delete unused lmtp_retired_warning template
- Delete unused kernel_version_warning template
- Delete unused retry_upgrade_warning template
- Delete unused tlsmgr_upgrade_warning template
* Debconf template cleanup, thanks to Markus Hiereth for the suggestions.
Closes: #905653
[Miriam España Acebal]
* Removed LDFLAG -Bsymbolic-functions to fix issue where TLS is disabled
when private/tlmsgr socket is not found. lp: #1885403
[Christian Göttsche]
* Update debian/patches/07_sasl_config.diff:
- Fix conversion warnings by adding explicit cast
- Drop unused function xsasl_getpath
* Fix lintian detected typos in Debian packaging.
* Do not require postfix to be build by root.
* Set -e shell option explicitly.
* Bump watch file standard to version 4.
* Add misc:Pre-Depends to postfix.
* Remove trailing spaces in changelog.
* Add Documentation key to postfix service.
* Drop alternative dependency on obsolete libmysqlclient-dev.
* Add standard salsa ci configuration.
* Drop unused debconf template sqlite_warning.
[Paride Legovini]
* d/postfix.postinst: tolerate search domain with a leading dot.
Closes: #991950
[Sergio Durigan Junior]
* Support networkd-dispatcher. Closes: #999867 lp: #1718227
-- Scott Kitterman <email address hidden> Thu, 23 Dec 2021 00:18:30 -0500
postfix (3.6.3-1) unstable; urgency=medium
[Scott Kitterman]
* Add license information from TLS_LICENSE. Closes: #991610
* Additional debian/copyright updates
* Refresh patches
* Add Pre-Depends on init-system-helpers (>= 1.54~) due to use of
--skip-systemd-native flag
* Update lintian overrides
* Bump standards-version to 4.6.0 without further change
[Wietse Venema]
* 3.6.3
-- Scott Kitterman <email address hidden> Tue, 21 Dec 2021 00:13:25 -0500
postfix (3.5.13-1) unstable; urgency=medium [Wietse Venema] * 3.5.13 [Aaron Thompson] * Support non-default instance config directories. [Scott Kitterman] * Refresh patches -- Scott Kitterman <email address hidden> Sat, 13 Nov 2021 16:05:59 -0500
postfix (3.5.6-1) unstable; urgency=medium [Dominic Raferd] * Fix configure-instance.sh for postfix 3.0+ chroot default. Closes: #959517 [Scott Kitterman] * Refresh patches * Delete debian/patches/tls_version.diff - incorporated upstream [Wietse Venema] * 3.5.5 * 3.5.6 -- Scott Kitterman <email address hidden> Sun, 02 Aug 2020 17:11:04 -0400
Available diffs
- diff from 3.5.4-1 to 3.5.6-1 (2.5 KiB)
- diff from 3.5.4-1build1 (in Ubuntu) to 3.5.6-1 (2.8 KiB)
| Superseded in buster-release |
postfix (3.4.14-0+deb10u1) buster; urgency=medium
[Cody Brownstein]
* README.Debian corrections:
- Fix instructions wrt SMTP generic mapping
- Fix authentication configuration example
[Scott Kitterman]
* Updated debian/watch to track postfix 3.4 series for stable updates
* Check GPG signature when downloading new versions via uscan
[Wietse Venema]
* 3.4.11
- No changes that affect Debian 10 (Buster)
* 3.4.12
- Bugfix: segfault in the tlsproxy client role when the server
role was disabled. This typically happens on systems that
do not receive mail, after configuring connection reuse for
outbound TLS. Found during program maintenance. File:
tlsproxy/tlsproxy.c.
- Bugfix (introduced: Postfix 3.4): maillog_file_rotate_suffix
default value used the minute instead of the month. Reported
by Larry Stone. Files: conf/postfix-tls-script,
proto/MAILLOG_README.html, proto/postconf.proto.
global/mail_params.h, postfix/postfix.c.
- Bitrot: avoid U_FILE_ACCESS_ERROR after chroot(), by
initializing the ICU library before making the chroot()
call. Files: util/midna_domain.[hc], global/mail_params.c.
- Noise suppression: avoid "SSL_Shutdown:shutdown while in
init" warnings. File: tls/tls_session.c.
- Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL
client caused a false 'lost connection' error for an SMTP
over TLS session in the same Postfix process. Reported by
Alexander Vasarab, diagnosed by Viktor Dukhovni. File:
tls/tls_bio_ops.c.
- Bugfix (introduced: Postfix 2.8): a TLS error for one TLS
session may cause a false 'lost connection' error for a
concurrent TLS session in the same tlsproxy process. File:
tlsproxy/tlsproxy.c.
* 3.4.13
- Bugfix (introduced: Postfix 3.1): "postfix tls deploy-server-cert"
did not handle a missing optional argument. File:
conf/postfix-tls-script.
- Bugfix (introduced: Postfix 3.4): in the Postfix SMTP server,
the SNI callback reported an error when it was called a
second time. This happened after the server-side TLS engine
sent a TLSv1.3 HelloRetryRequest (HRR) to a remote SMTP
client. Reported by Ján Máté, fixed by Viktor Dukhovni.
File: tls/tls_misc.c.
* 3.4.14
- Bugfix (introduced: Postfix 3.4): the connection_reuse
attribute in smtp_tls_policy_maps resulted in an "invalid
attribute name" error. Fix by Thorsten Habich. File:
smtp/smtp_tls_policy.c.
- Bugfix (introduced: Postfix 3.4): SMTP over TLS connection
reuse was broken for configurations that use explicit trust
anchors. Reported by Thorsten Habich. Cause: the tlsproxy
client was sending a zero certificate length. File:
tls/tls_proxy_client_print.c.
- Bugfix (introduced: Postfix 3.4): SMTP over TLS connection
reuse was broken for configurations that use explicit trust
anchors. Reported by Thorsten Habich. Fixed by calling DANE
initialization unconditionally (WTF). File: tlsproxy/tlsproxy.c.
- Bugfix (introduced: Postfix 2.11): The Postfix smtp(8)
client did not send the right SNI name when the TLSA base
domain was a secure CNAME expansion of the MX hostname (or
non-MX nexthop domain). Domains with CNAME expanded MX hosts
are not conformant with RFC5321, and so are rare. Even more
rare are MX hosts with TLSA records for their CNAME expansion.
For this to matter, the remote SMTP server would also have
to select its certificate based on the SNI name in such a
way that the original MX host would yield a different
certificate. Among the ~2 million hosts in the DANE survey,
none meet the conditions for returning a different certificate
for the expanded CNAME. Therefore, sending the correct SNI
name should not break existing mail flows. Fixed by Viktor
Dukhovni. File: src/tls/tls_client.c.
-- Scott Kitterman <email address hidden> Mon, 29 Jun 2020 21:33:31 -0400
| Published in stretch-release |
postfix (3.1.15-0+deb9u1) stretch; urgency=medium
[Scott Kitterman]
* Check GPG signature when downloading new versions via uscan
[Wietse Venema]
* 3.1.15
- Bugfix (introduced: Postfix 2.8): don't gratuitously enable
all after-220 tests when only one such test is enabled.
This made selective tests impossible with 'good' clients.
File: postscreen/postscreen_smtpd.c.
- Bugfix (introduced: Postfix 3.1): support for
smtp_dns_resolver_options was broken while adding support
for negative DNS response caching in postscreen. Postfix
was inadvertently changed to call res_query() instead of
res_search(). Reported by Jaroslav Skarvada. File:
dns/dns_lookup.c.
- Bugfix (introduced: Postfix 3.0): sanitize server responses
before storing them in the verify database, to avoid Postfix
warnings about malformed UTF8. File: verify/verify.c.
- Bugfix (introduced: Postfix 2.5): the Milter connect event
macros were evaluated before the Milter connection itself
had been negotiated. Problem reported by David Bürgin.
Files: milter/milter.h, milter/milter.c, milter/milter8.c
-- Scott Kitterman <email address hidden> Sun, 16 Feb 2020 14:59:05 -0500
postfix (3.5.4-1) unstable; urgency=medium
[Wietse Venema]
* 3.5.4
-- Scott Kitterman <email address hidden> Mon, 29 Jun 2020 21:16:04 -0400
Available diffs
- diff from 3.5.3-1 to 3.5.4-1 (3.8 KiB)
postfix (3.5.3-1) unstable; urgency=medium [Wietse Venema] * 3.5.3 LP: #1881196 [Debian Janitor] * Trim trailing whitespace. * Fix day-of-week for changelog entries 0.0.20001030.SNAPSHOT-4, 0.0.20001030.SNAPSHOT-3, 0.0.19991231pl02-1, 0.0.19990122-1. -- Scott Kitterman <email address hidden> Mon, 15 Jun 2020 16:23:34 -0400
Available diffs
- diff from 3.5.2-1 to 3.5.3-1 (3.8 KiB)
postfix (3.5.2-1) unstable; urgency=medium
[Scott Kitterman]
* Update README.Debian to mention postfix-doc. Closes: #234009
* Spelling fixes in README.Debian
[Wietse Venema]
* 3.5.2
[Cody Brownstein]
* Fix README.Debian instructions for SMTP generic mapping and related
example
-- Scott Kitterman <email address hidden> Mon, 18 May 2020 15:25:47 -0400
Available diffs
- diff from 3.5.1-1 to 3.5.2-1 (6.8 KiB)
| Superseded in buster-release |
postfix (3.4.10-0+deb10u1) buster; urgency=medium
[Wietse Venema]
* 3.4.10
- Bugfix (introduced: Postfix 2.3): panic with Postfix
multi-Milter configuration during MAIL FROM. Milter client
state was not properly reset after one of the Milters failed.
Reported by WeiYu Wu.
-- Scott Kitterman <email address hidden> Mon, 16 Mar 2020 15:43:44 -0400
postfix (3.5.1-1) unstable; urgency=medium [Scott Kitterman] * Delete d/p/gcc_10_glibc_2_31.patch, incorporated in 3.5.1 [Wietse Venema] * 3.5.1 -- Scott Kitterman <email address hidden> Mon, 20 Apr 2020 17:21:21 -0400
Available diffs
- diff from 3.4.10-1ubuntu1 (in Ubuntu) to 3.5.1-1 (174.3 KiB)
postfix (3.5.0-2) unstable; urgency=medium [Scott Kitterman] * Add patch from upstream for GCC-10 and Glibc 2.31 support. Closes: #957697 [Aaron Thompson] * Fix bug in tls_CApath copying. LP: #1872288 -- Scott Kitterman <email address hidden> Fri, 17 Apr 2020 11:51:01 -0400
postfix (3.5.0-1) unstable; urgency=medium [Scott Kitterman] * Drop debian/patches/80_glibc2.30-ftbfs.diff, incorporated upstream * Refresh patches [Wietse Venema] * 3.5.0 -- Scott Kitterman <email address hidden> Mon, 16 Mar 2020 16:32:19 -0400
postfix (3.4.10-1) unstable; urgency=medium [Scott Kitterman] * Update postfix.postinst text to refer to systemctl vice service [Wietse Venema] * 3.4.10 -- Scott Kitterman <email address hidden> Fri, 13 Mar 2020 01:11:35 -0400
Available diffs
- diff from 3.4.9-1 to 3.4.10-1 (1.5 KiB)
- diff from 3.4.9-1build1 (in Ubuntu) to 3.4.10-1 (1.6 KiB)
postfix (3.4.9-1) unstable; urgency=medium
[Scott Kitterman]
* Correct Debian's smtp (8) man page name in d/p/debian-man-name.diff for
lmtp. Closes: #920356
* Fix d/init.d running change so it works with multi-instance again
- Thanks to <email address hidden> for the fix. Closes: #944922
* Bump standards-version to 4.5.0 without further change
* Switch from debian/compat to debhelper-compat and bump compat to 12
- Update debian/rules to use dh_installsystemd instead of
dh_systemd_enable and dh_systemd_start
- Update debian/rules for new example install path
[Wietse Venema]
* 3.4.9
-- Scott Kitterman <email address hidden> Sat, 15 Feb 2020 22:34:22 -0500
Available diffs
- diff from 3.4.8-1 to 3.4.9-1 (3.7 KiB)
- diff from 3.4.8-1build1 (in Ubuntu) to 3.4.9-1 (3.8 KiB)
| Superseded in stretch-release |
postfix (3.1.14-0+deb9u1) stretch; urgency=medium
[Wietse Venema]
* 3.1.13
- Bugfix (introduced: Postfix 2.3): a censoring filter broke
multiline Milter responses for header/body events. Problem
report by Andreas Thienemann. Files: util/printable.c,
util/stringops.h, smtpd/smtpd.c
- Workaround for implementations that hang Postfix while
shutting down a TLS session, until Postfix times out. With
"tls_fast_shutdown_enable = yes" (the default), Postfix no
longer waits for the TLS peer to respond to a TLS 'close'
request. This is recommended with TLSv1.0 and later. Files:
global/mail_params.h, tls/tls_session.c, and documentation.
- Bugfix (introduced: Postfix 3.0): the code to reset Postfix
SMTP server command counts was not called after a HaProxy
handshake failure, causing stale numbers to be reported.
The command counts are now reset in the function that reports
the counts. File: smtpd/smtpd.c
* 3.1.14
- Bugfix: the documentation said tls_fast_shutdown_enable,
but the code said tls_fast_shutdown. Viktor Dukhovni. Changed
the code because no-one is expected to override the default.
File: global/mail_params.h.
- Workaround for poor TCP loopback performance on LINUX, where
getsockopt(..., TCP_MAXSEG, ..) reports a TCP maximal segment
size that is 1/2 to 1/3 of the MTU. For example, with kernel
5.1.16-300.fc30.x86_64 the TCP client and server announce
an mss of 65495 in the TCP handshake, but getsockopt()
returns 32741 (less than half). As a matter of principle,
Postfix won't turn on client-side TCP_NODELAY because that
hides application performance bugs, and because that still
suffers from server-side delayed ACKs. Instead, Postfix
avoids sending "small" writes back-to-back, by choosing a
VSTREAM buffer size that is a multiple of the reported MSS.
This workaround bumps the multiplier from 2x to 4x. File:
util/vstream_tweak.c.
- Bugfix (introduced: 20051222): the Dovecot client could
segfault (null pointer read) or cause an SMTP server assertion
to fail when talking to a fake Dovecot server. The client
now logs a proper error instead. Problem reported by Tim
Düsterhus. File: xsasl/xsasl_dovecot_server.c.
- Bitrot: don't invoke SSL_shutdown() when the SSL engine
thinks it is processing a TLS handshake. The commit at
https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59
changed the error status, incompatibly, from SSL_ERROR_NONE
into SSL_ERROR_SSL. File: tlsproxy/tlsproxxy.c.
- Bugfix (introduced: Postfix-2.9.0): null pointer read, while
logging a warning after a postscreen_command_filter read
error. File: postscreen/postscreen_smtpd.c.
-- Scott Kitterman <email address hidden> Tue, 01 Oct 2019 19:28:19 -0400
| Superseded in buster-release |
postfix (3.4.8-0+10debu1) buster; urgency=medium
[Scott Kitterman]
* Refactor running status detection in sysv init based on upstream
postfix-script so it works in docker. Closes: #941293
[Wietse Venema]
* 3.4.8
- Bugfix (introduced: Postfix 2.8): don't gratuitously enable
all after-220 tests when only one such test is enabled.
This made selective tests impossible with 'good' clients.
File: postscreen/postscreen_smtpd.c.
- Bugfix: the 20180903 postscreen fix for a misleading
"PIPELINING after BDAT" warning looked at the wrong variable.
The warning now says "BDAT without valid RCPT", and the
error is no longer treated as a command PIPELINING error
(but sending BDAT is still a client error, because postscreen
rejects all RCPT commands and does not announce PIPELINING
support). File: postscreen/postscreen_smtpd.c.
- Usability: the parser for key/certificate chain files
rejected inputs that contain an EC PARAMETERS object. While
this is technically correct (the documentation says what
types are allowed) this is surprising behavior because the
legacy cert/key parameters will accept such inputs. For
now, the parser skips object types that it does not know
about for usability, and logs a warning because ignoring
inputs is not kosher. Viktor and Wietse. File: tls/tls_certkey.c.
-- Scott Kitterman <email address hidden> Wed, 15 Jan 2020 09:05:50 -0500
postfix (3.4.8-1) unstable; urgency=medium [Scott Kitterman] * Stop generating obsolete Upstream substvar * Bump standards-version to 4.4.1 without further change * Use -l instead of LD_LIBRARY_PATH for dh_shlibdeps * Check GPG signature when downloading new versions via uscan [Wietse Venema] * 3.4.8 -- Scott Kitterman <email address hidden> Sun, 12 Jan 2020 02:26:14 -0500
Available diffs
- diff from 3.4.7-2 to 3.4.8-1 (10.4 KiB)
| Superseded in buster-release |
postfix (3.4.7-0+deb10u1) buster; urgency=medium
[Wietse Venema]
* 3.4.6
- Documentation: tlsext_padding is not a tls_ssl_options
feature. File: proto/postconf.proto.
- Portability: added "#undef sun" to util/unix_dgram_connect.c
(documented for completeness - no impact on Debian)
- Bugfix (introduced: Postfix 2.3): a censoring filter broke
multiline Milter responses for header/body events. Problem
report by Andreas Thienemann. Files: util/printable.c,
util/stringops.h, smtpd/smtpd.c
- Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit =
0" no longer meant 'unlimited'. Problem report by Luc Pardon.
File: smtp/smtp_addr.c.
- Documentation: updated the BUGS section in the smtp(8) manpage
about TLS connection reuse. File: smtp/smtp.c.
- Workaround for implementations that hang Postfix while
shutting down a TLS session, until Postfix times out. With
"tls_fast_shutdown_enable = yes" (the default), Postfix no
longer waits for the TLS peer to respond to a TLS 'close'
request. This is recommended with TLSv1.0 and later. Files:
global/mail_params.h, tls/tls_session.c, and documentation.
- Bugfix (introduced: Postfix 3.0): the code to reset Postfix
SMTP server command counts was not called after a HaProxy
handshake failure, causing stale numbers to be reported.
The command counts are now reset in the function that reports
the counts. File: smtpd/smtpd.c.
* 3.4.7
- Bugfix: the documentation said tls_fast_shutdown_enable,
but the code said tls_fast_shutdown. Viktor Dukhovni. Changed
the code because no-one is expected to override the default.
File: global/mail_params.h.
- Workaround for poor TCP loopback performance on LINUX, where
getsockopt(..., TCP_MAXSEG, ..) reports a TCP maximal segment
size that is 1/2 to 1/3 of the MTU. For example, with kernel
5.1.16-300.fc30.x86_64 the TCP client and server announce
an mss of 65495 in the TCP handshake, but getsockopt()
returns 32741 (less than half). As a matter of principle,
Postfix won't turn on client-side TCP_NODELAY because that
hides application performance bugs, and because that still
suffers from server-side delayed ACKs. Instead, Postfix
avoids sending "small" writes back-to-back, by choosing a
VSTREAM buffer size that is a multiple of the reported MSS.
This workaround bumps the multiplier from 2x to 4x. File:
util/vstream_tweak.c.
- Bugfix (introduced: 20051222): the Dovecot client could
segfault (null pointer read) or cause an SMTP server assertion
to fail when talking to a fake Dovecot server. The client
now logs a proper error instead. Problem reported by Tim
Düsterhus. File: xsasl/xsasl_dovecot_server.c.
- Bugfix (introduced: Postfix 3.4): don't whitewash OpenSSL
error results after a plaintext output error. The code could
loop, and with some OpenSSL error results could flood the
log with error messages (see below for a specific case).
Problem reported by Andreas Schulze. File: tlsproxy/tlsproxy.c.
- Bitrot: don't invoke SSL_shutdown() when the SSL engine
thinks it is processing a TLS handshake. The commit at
https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59
changed the error status, incompatibly, from SSL_ERROR_NONE
into SSL_ERROR_SSL. File: tlsproxy/tlsproxxy.c.
-- Scott Kitterman <email address hidden> Tue, 01 Oct 2019 19:21:59 -0400
postfix (3.4.7-2) unstable; urgency=medium [Andreas Hasenack] * Update autopkgtest to use python3. Closes: #943212 LP: #1845334 [Scott Kitterman] * Update smtp_tls_CApath to /etc/ssl/certs so it actually works. Closes: #923083 * Refactor running status detection in sysv init based on upstream postfix-script so it works in docker. Closes: #941293 -- Scott Kitterman <email address hidden> Sun, 03 Nov 2019 13:09:50 -0500
Available diffs
- diff from 3.4.7-1 to 3.4.7-2 (8.0 KiB)
postfix (3.4.7-1) unstable; urgency=medium [Andreas Hasenack] * * d/p/80_glibc2.30-ftbfs.diff: fix build with glibc 2.30 (LP: #1842923) [Scott Kitterman] * Refresh patches * Modernize default TLS setup: - Drop addition of smtpd_tls_session_cache_database to TLS parameters (no longer needed since TLS session tickets are used now). Closes: #934803 - Replace use of obsolescent smtpd_use_tls=yes with smtpd_tls_security_level=may in default TLS setting. Closes: #520936 - Add smtp_tls_security_level=may to default TLS settings so that both client and server TLS are now enabled be default for new installations. Closes: #163144 - Stop copying smtp_tls_CAfile into chroot, not needed per postfix docs - Also copy smtpd_tls_CApath files into chroot. Closes: #579248 - Add smtp_tls_CApath using /usr/share/ca-certificates/ to default TLS configuration so postfix smtp client can use the system certificate store to verify smtp server certificates, add ca-certificates to postfix Recommends. Closes: #923083 * Bump standards version to 4.4.0 without further change * Fix spelling errors in Debian provided man pages [Christian Göttsche] * Fix debian/rules so build flags are applied Closes: #879668 [Wietse Venema] * 3.4.6 * 3.4.7 -- Scott Kitterman <email address hidden> Sun, 22 Sep 2019 16:21:17 -0400
Available diffs
| Superseded in stretch-release |
postfix (3.1.12-0+deb9u1) stretch; urgency=medium
[Scott Kitterman]
* Add detailed smarthost instructions to README.Debian. Thanks to Celejar
for the input. Closes: #919444
* Refresh patches
[Wietse Venema]
* 3.1.10
- Bugfix (introduced: Postfix 2.11): minor memory leak when
minting issuer certs. This affects a tiny minority of use
cases. Viktor Dukhovni, based on a fix by Juan Altmayer
Pizzorno for the ssl_dane library. File: tls/tls_dane.c.
- Bugfix (introduced: Postfix 3.0): with smtputf8_enable=yes,
table lookups could casefold the search string when searching
a lookup table that does not use fixed-string keys (regexp,
pcre, tcp, etc.). Historically, Postfix would not case-fold
the search string with such tables. File: util/dict_utf8.c.
Closes: #917512
- Multiple 'bit rot' fixes for OpenSSL API changes, including
support to disable TLSv1.3, to avoid issuing multiple session
tickets. Viktor Dukhovni. Files: proto/postconf.proto,
proto/TLS_README.html, tls/tls.h, tls/tls_server.c,
tls/tls_misc.c.
- Bugfix (introduced: 3.0): smtpd_discard_ehlo_keywords could
not disable "SMTPUTF8". because the lookup table was using
"EHLO_MASK_SMTPUTF8" instead. File: global/ehlo_mask.c.
- Documentation: update documentation for Postfix versions
that support disabling TLS 1.3. File: proto/postconf.proto.
- Improved logging of TLS 1.3 summary information, and improved
reporting of the same info in Received: message headers.
Viktor Dukhovni. Files: proto/FORWARD_SECRECY_README.html,
posttls-finger/posttls-finger.c, smtpd/smtpd.c, tls/tls.h,
tls/tls_client.c, tls/tls_misc.c, tls/tls_proxy.h,
tls/tls_proxy_context_print.c, tls/tls_proxy_context_scan.c,
tls/tls_server.c.
* 3.1.11
- Bugfix (introduced: postfix-2.11): with posttls-finger,
connections to unix-domain servers always resulted in "Failed
to establish session" even after a connection was established.
Jaroslav Skarva. File: posttls-finger/posttls-finger.c.
* 3.1.12
- Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
has been producing false rejects starting with the Postfix
2.2 smtpd_end_of_data_restrictons, and for the same reasons,
did the same with the Postfix 3.4 BDAT command. The latter
was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
- Bugfix (introduced: Postfix 3.0): LMTP connections over
UNIX-domain sockets were cached but not reused, due to a
cache lookup key mismatch. Therefore, idle cached connections
could exhaust LMTP server resources, resulting in two-second
pauses between email deliveries. This problem was investigated
by Juliana Rodrigueiro. File: smtp/smtp_connect.c.
-- Scott Kitterman <email address hidden> Mon, 25 Mar 2019 01:01:51 -0400
postfix (3.4.5-1) unstable; urgency=medium
[Wietse Venema]
* 3.4.5
- With message_size_limit=0 (which is NOT DOCUMENTED), BDAT
chunks were always rejected as too large. File: smtpd/smtpd.c
- Bugfix (introduced: Postfix 3.0): LMTP connections over
UNIX-domain sockets were cached but not reused, due to a
cache lookup key mismatch. Therefore, idle cached connections
could exhaust LMTP server resources, resulting in two-second
pauses between email deliveries. This problem was investigated
by Juliana Rodrigueiro. File: smtp/smtp_connect.c.
-- Scott Kitterman <email address hidden> Mon, 01 Apr 2019 13:27:26 -0400
Available diffs
- diff from 3.3.2-4 to 3.4.5-1 (412.9 KiB)
postfix (3.4.4-1) unstable; urgency=medium
[Wietse Venema]
* 3.4.2
- Bugfix (introduced: 20181226): broken DANE trust anchor
file support, caused by left-over debris from the 20181226
TLS library overhaul. Scott Kitterman. File: tls/tls_dane.c.
Closes: #924183
- Bugfix (introduced: Postfix-1.0.1): null pointer read, while
logging a warning after a corrupted bounce log file. File:
global/bounce_log.c.
- Bugfix (introduced: Postfix-2.9.0): null pointer read, while
logging a warning after a postscreen_command_filter read
error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
* 3.4.3
- Bitrot: LINUX5s support, after some sanity checks with a
rawhide prerelease version. Files: makedefs, util/sys_defs.h.
Closes: #922477
* 3.4.4
- Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
has been producing false rejects starting with the Postfix
2.2 smtpd_end_of_data_restrictons, and for the same reasons,
does the same with the Postfix 3.4 BDAT command. The latter
was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
Closes: #925082
-- Scott Kitterman <email address hidden> Sun, 24 Mar 2019 15:28:00 -0400
postfix (3.4.1-1) unstable; urgency=medium [Scott Kitterman] * Upload to unstable [localization folks] * l10n: Updated Danish debconf translations. Closes: #923066 (Joe Hansen). [Wietse Venema] * 3.4.1. Closes: #920766 -- Scott Kitterman <email address hidden> Thu, 07 Mar 2019 21:48:53 -0500
| Deleted in experimental-release (Reason: None provided.) |
postfix (3.4.0-1) experimental; urgency=medium
[Wietse Venema]
* 3.4.0
[Scott Kitterman]
* Remove d/p/smtputf8_case_fold.patch: Patch from upstream incorporated in
this release
* Bump minimum libssl-dev build-depends version to 1.0.2
* Remove d/p/use-pkg-config-for-icu.diff: Upstream implemented similar fix
* Remove ancient db3 upgrade code from postfix.postinst and related d/p/
11_postmap_update.diff in lieu of rewriting the obsolete patch to work
with postfix 3.4
* Refresh patches
-- Scott Kitterman <email address hidden> Fri, 01 Mar 2019 11:58:16 -0500
postfix (3.3.2-4) unstable; urgency=medium
* Bump triggering version in debian/postfix.maintscript so that the
the transition to having makedefs.out no longer be a conffile actually
works. Closes: #922475
- Thanks to Sven Joachim for the report and the fix
-- Scott Kitterman <email address hidden> Sun, 17 Feb 2019 03:04:52 -0500
Available diffs
- diff from 3.3.2-3 to 3.3.2-4 (540 bytes)
| Superseded in stretch-release |
postfix (3.1.9-0+deb9u2) stretch; urgency=medium * Update debian/watch to point to the 3.1 series used in stretch -- Scott Kitterman <email address hidden> Fri, 08 Feb 2019 09:07:33 -0500
postfix (3.3.2-3) unstable; urgency=medium
* Add debian/patches/use-pkg-config-for-icu.diff and add pkg-config to
build-depends so libicu is detected and postfix is built with smtputf8
support. Closes: #921075
-- Scott Kitterman <email address hidden> Sat, 16 Feb 2019 06:24:34 -0500
Available diffs
- diff from 3.3.2-1 to 3.3.2-3 (6.0 KiB)
postfix (3.3.2-2) unstable; urgency=medium
[Scott Kitterman]
* Move #DEBHELPER# token to the end of postfix.postinst so package
configuration completes prior to #DEBHELPER# provided snippets being
executed. Closes: #854331
* Backport bugfix from 3.4 (devel) to fix case folding when smtputf8 is
enabled. Closes: #917512
* Add note on milter settings to README.Debian. Closes: #756348
* Update postfix suggests to make it clearer that cyrus and dovecot are
alternatives for SASL. Closes: #606022
* Add detailed smarthost instructions to README.Debian. Thanks to Celejar
for the input. Closes: #919444
* Set lmtp(8) to forward to the correct smtp(8) name for Debian.
Closes: #920356
* Bump standards-version to 4.3.0 without further change.
[Christian Ehrhardt]
* Make makedefs.out no longer be a conffile but still keep it available for.
postfix check. Closes: #908545
-- Scott Kitterman <email address hidden> Sat, 16 Feb 2019 03:22:11 -0500
| 1 → 75 of 151 results | First • Previous • Next • Last |
