The stable release Postfix 2.6.5 addresses the defects described
below (some already addressed with the not-announced Postfix 2.6.3
release). These defects are also addressed in the legacy releases
that are still maintained: Postfix 2.5.9, 2.4.13 and 2.3.19.
Do not use Postfix 2.6.4, 2.5.8, 2.4.12, 2.3.18, 2.7-20090807, and
2.7-20090807-nonprod. These contain a DNS workaround that causes
more trouble than it prevents. It is removed until further notice.
Defects fixed with Postfix 2.6.3, 2.5.9, 2.4.13 and 2.3.19:
- The Postfix Milter client got out of step with a Milter application
after the application sent a "quarantine" request at end-of-message
time. The Milter application would still be in the end-of-message
state, while Postfix would already be working on the next SMTP
event, typically, QUIT or MAIL FROM. In the latter case, Milter
responses for the previously-received email message would be
applied towards the next MAIL FROM transaction. This problem was
diagnosed with help from Alban Deniz.
Defects fixed with Postfix 2.6.5, 2.5.9, 2.4.13 and 2.3.19:
- The Postfix SMTP server would abort with an "unexpected lookup
table" error when an SMTPD policy server was mis-configured in a
particular way.
Postfix stable release 2.6.2 fixes one defect in SASL support.
This does not affect Postfix versions 2.5 and earlier.
With plaintext SMTP sessions AND smtpd_tls_auth_only=yes AND
smtp_sasl_auth_enable=yes, the SMTP server logged warnings for
reject_*_sender_login_mismatch, instead of enforcing them.
You can find Postfix version 2.6.2 at the mirrors listed at
Postfix stable release 2.6.2 fixes one defect in SASL support.
This does not affect Postfix versions 2.5 and earlier.
20090513
Code cleanups: better parsing of Postfix daemon "-o"
command-line options, with better error handling. Files:
master/*server.c.
20090518
Documentation: missing dummy entries for lmtp_mumble_checks.
File: proto/postconf.proto.
20090519
Bugfix (introduced: Postfix 2.3, but did not cause trouble
until 20090427). Queue file corruption with (smtpd_milters
or non_smtpd_milters) enabled, AND with delay_warning_time
enabled, AND with short envelope sender addresses (e.g.,
local submissions with bare usernames, but not bounces).
The queue file would be corrupted when the delay_warning_time
record was marked as "done" after sending the "your mail
is delayed" notice. File: qmgr/qmgr_message.c.
Postfix 2.4 and later, on Linux kernel 2.6, is vulnerable to a
denial of service attack by a local user. There is no breach of
data confidentiality or data integrity. This problem was found by
the Postfix author during routine source code maintenance.
An on-line version of this announcement is available at
http://www.postfix.org/announcements/20080902.html
20080804
Bugfix: dangling pointer in vstring_sprintf_prepend().
File: util/vstring.c.
20080814
Security: some systems have changed their link() semantics,
and will hardlink a symlink, contrary to POSIX and XPG4.
Sebastian Krahmer, SuSE. File: util/safe_open.c.
The solution introduces the following incompatible change:
when the target of mail delivery is a symlink, the parent
directory of that symlink must now be writable by root only
(in addition to the already existing requirement that the
symlink itself is owned by root). This change will break
legitimate configurations that deliver mail to a symbolic
link in a directory with less restrictive permissions.
is read-only but is faster than Berkeley DB and uses less memory. Use the
TinyCDB implementation which is in the public domain and a bit faster than
DJB's original CDB.
next stable release (expected by the end of January). Experimental releases
are now labeled 2.6-* but we'll track the 2.5.0 release candidates for now and
switch to 2.6 snapshots later.
Lots of changes, see HISTORY/RELEASES_NOTES for details.
Ok with martti.
default (this doesn't actually depend on Dovecot for building, the code is
shipped with Postfix).
Set the default value for smtpd_sasl_type to "dovecot" unless cyrus SASL is
enabled, too. This ensures backwards compatibility for most cases.
Ok with martti, joerg.
20061017
Cleanup: removed spurious warning when the cleanup server
attempts to bounce mail with soft_bounce=yes. Problem
reported by Ralf Hildebrandt. File: cleanup/cleanup_bounce.c.
Bugfix: null pointer bug when receiving a non-protocol
response on a cached SMTP/LMTP connection. Report by Brian
Kantor. Fix by Victor Duchovni. File: smtp/smtp_reuse.c.
in post-extract.
I exchanges few mails with Wietse and he refused to fix the "==" lines and
instructed me to simply remove the offending file. Instead of having a patch
for a file which is not used by pkgsrc I think it makes sense to remove it.
