postfix*: update to 3.8.4
20230815 Bugfix (bug introduced: 20140218): when opportunistic TLS fails during or after the handshake, don't require that a probe message spent a minimum time-in-queue before falling back to plaintext. Problem reported by Serg. File: smtp/smtp.h. 20230819 Bugfix (defect introduced: 19980207): the valid_hostname() check in the Postfix DNS client library was blocking unusual but legitimate wildcard names (*.name) in some DNS lookup results and lookup requests. Examples: name class/type value *.one.example IN CNAME *.other.example *.other.example IN A 10.0.0.1 *.other.example IN TLSA ..certificate info... Such syntax is blesed in RFC 1034 section 4.3.3. This problem was reported first in the context of TLSA record lookups. Files: util/valid_hostname.[hc], dns/dns_lookup.c. 20230929 Bugfix (defect introduced Postfix 2.5, 20080104): the Postfix SMTP server was waiting for a client command instead of replying immediately, after a client certificate verification error in TLS wrappermode. Reported by Andreas Kinzler. File: smtpd/smtpd.c. 20231006 Usability: the Postfix SMTP server now attempts to log the SASL username after authentication failure. In Postfix logging, this appends ", sasl_username=xxx" after the reason for SASL authentication failure. The logging replaces an unavailable reason with "(reason unavailable)", and replaces an unavailable sasl_username with "(unavailable)". Based on code by Jozsef Kadlecsik. Files: xsasl/xsasl_server.c, xsasl/xsasl_cyrus_server.c, smtpd/smtpd_sasl_glue.c. 20231026 Bugfix (defect introduced: Postfix 2.11): in forward_path, the expression ${recipient_delimiter} would expand to an empty string when a recipient address had no recipient delimiter. Fixed by restoring Postfix 2.10 behavior to use a configured recipient delimiter value. Reported by Tod A. Sandman. Files: proto/postconf.proto, local/local_expand.c. 20231221 Security: with "smtpd_forbid_bare_newline = yes" (default "no" for Postfix < 3.9), reply with "Error: bare <LF> received" and disconnect when an SMTP client sends a line ending in <LF>, violating the RFC 5321 requirement that lines must end in <CR><LF>. This prevents SMTP smuggling attacks that target a recipient at a Postfix server. For backwards compatibility, local clients are excluded by default with "smtpd_forbid_bare_newline_exclusions = $mynetworks". Files: mantools/postlink, proto/postconf.proto, global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h, smtpd/smtpd.c.
This commit is contained in:
parent
8461c550f2
commit
8c1d01819c
|
@ -1,5 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.4 2023/05/08 04:31:44 triaxx Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.5 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server cdb backend module
|
||||
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
# $NetBSD: Makefile,v 1.8 2023/10/24 22:09:49 wiz Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.9 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server LDAP backend module
|
||||
PKGREVISION= 1
|
||||
|
||||
POSTFIX_LIB= ldap
|
||||
POSTFIX_LIBDIR= src/global
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.7 2023/05/08 04:32:44 triaxx Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.8 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server LMDB backend module
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.8 2021/07/26 15:38:10 taca Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.9 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server MySQL backend module
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.6 2017/03/04 06:26:42 taca Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.7 2023/12/22 17:29:18 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server PCRE map module
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.8 2017/03/04 06:26:42 taca Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.9 2023/12/22 17:29:18 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server PostgreSQL backend module
|
||||
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
# $NetBSD: Makefile,v 1.36 2023/11/08 13:19:59 wiz Exp $
|
||||
#
|
||||
# $NetBSD: Makefile,v 1.37 2023/12/22 17:29:18 wiz Exp $
|
||||
|
||||
COMMENT= Postfix SMTP server SQLite backend module
|
||||
PKGREVISION= 1
|
||||
|
||||
POSTFIX_LIB= sqlite
|
||||
POSTFIX_LIBDIR= src/global
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
# $NetBSD: Makefile,v 1.343 2023/11/08 13:19:59 wiz Exp $
|
||||
# $NetBSD: Makefile,v 1.344 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
PKGREVISION= 2
|
||||
.include "../../mail/postfix/Makefile.common"
|
||||
|
||||
COMMENT= Fast, easy to administer, and secure mail transfer agent
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile.common,v 1.45 2023/07/15 14:56:26 otis Exp $
|
||||
# $NetBSD: Makefile.common,v 1.46 2023/12/22 17:29:17 wiz Exp $
|
||||
# used by mail/postfix/Makefile
|
||||
# used by mail/postfix/Makefile.module
|
||||
|
||||
DISTNAME= postfix-3.8.1
|
||||
DISTNAME= postfix-3.8.4
|
||||
CATEGORIES= mail
|
||||
MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.206 2023/07/15 14:56:26 otis Exp $
|
||||
$NetBSD: distinfo,v 1.207 2023/12/22 17:29:17 wiz Exp $
|
||||
|
||||
BLAKE2s (postfix-3.8.1.tar.gz) = 505c5e4dc3874af8c06c3fb9e3cdd0297697dbabb13fb902fd29fd382fd2d40a
|
||||
SHA512 (postfix-3.8.1.tar.gz) = 9eb91f2baab327de22dd55fc5ff398de74856e30be461282f41b1801301873881a8f40ce061c16e0505d51d96aaf0eff8d0ac660e5f6c70c6125133f64a4ee80
|
||||
Size (postfix-3.8.1.tar.gz) = 4848293 bytes
|
||||
BLAKE2s (postfix-3.8.4.tar.gz) = f0c1556f2d66b34d0ecb52d84846daec03fdbbfbf743d30a35e1b7d91f30e8e6
|
||||
SHA512 (postfix-3.8.4.tar.gz) = 5bae3d62e104714aead1fff28a595bab4315227382f53c8dae2a231f4240e31abda19c1e3befc1db4c89bc5d66c9a43830390365aadabdac5cf36b493c5c48c7
|
||||
Size (postfix-3.8.4.tar.gz) = 4864184 bytes
|
||||
SHA1 (patch-aa) = c8216f133e202a7bb37682b0dbc1448f021e7c1c
|
||||
SHA1 (patch-ag) = 8ab3cfafa63056f9a7f096da7e55bcccab965180
|
||||
SHA1 (patch-ai) = 3d143532e1e9a149c6c06e2efadcd34f6f72e82d
|
||||
|
|
Loading…
Reference in New Issue