Next | Query returned 7 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2023-12-22 18:29:18 by Thomas Klausner | Files touched by this commit (10) | Package updated
Log message:
postfix*: update to 3.8.4

20230815

	Bugfix (bug introduced: 20140218): when opportunistic TLS fails
	during or after the handshake, don't require that a probe
	message spent a minimum time-in-queue before falling back to
	plaintext. Problem reported by Serg. File: smtp/smtp.h.

20230819

	Bugfix (defect introduced: 19980207): the valid_hostname()
	check in the Postfix DNS client library was blocking unusual
	but legitimate wildcard names (*.name) in some DNS lookup
	results and lookup requests. Examples:

            name          class/type value
            *.one.example   IN CNAME *.other.example
            *.other.example IN A     10.0.0.1
            *.other.example IN TLSA  ..certificate info...

	Such syntax is blesed in RFC 1034 section 4.3.3.

	This problem was reported first in the context of TLSA
	record lookups. Files: util/valid_hostname.[hc],
	dns/dns_lookup.c.

20230929

	Bugfix (defect introduced Postfix 2.5, 20080104): the Postfix
	SMTP server was waiting for a client command instead of
	replying immediately, after a client certificate verification
	error in TLS wrappermode. Reported by Andreas Kinzler. File:
	smtpd/smtpd.c.

20231006

	Usability: the Postfix SMTP server now attempts to log the
	SASL username after authentication failure. In Postfix
	logging, this appends ", sasl_username=xxx" after the reason
	for SASL authentication failure. The logging replaces an
	unavailable reason with "(reason unavailable)", and replaces
	an unavailable sasl_username with "(unavailable)". Based
	on code by Jozsef Kadlecsik. Files: xsasl/xsasl_server.c,
	xsasl/xsasl_cyrus_server.c, smtpd/smtpd_sasl_glue.c.

20231026

	Bugfix (defect introduced: Postfix 2.11): in forward_path,
	the expression ${recipient_delimiter} would expand to an
	empty string when a recipient address had no recipient
	delimiter. Fixed by restoring Postfix 2.10 behavior to use
	a configured recipient delimiter value. Reported by Tod
	A. Sandman. Files: proto/postconf.proto, local/local_expand.c.

20231221

	Security: with "smtpd_forbid_bare_newline = yes" (default
	"no" for Postfix < 3.9), reply with "Error: bare <LF>
	received" and disconnect when an SMTP client sends a line
	ending in <LF>, violating the RFC 5321 requirement that
	lines must end in <CR><LF>. This prevents SMTP smuggling
	attacks that target a recipient at a Postfix server. For
	backwards compatibility, local clients are excluded by
	default with "smtpd_forbid_bare_newline_exclusions =
	$mynetworks". Files: mantools/postlink, proto/postconf.proto,
	global/mail_params.h, global/smtp_stream.c, global/smtp_stream.h,
	smtpd/smtpd.c.
   2023-05-08 06:32:44 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (1)
Log message:
postfix-lmdb: Update to 3.8.0

pkgsrc changes:
---------------
  * Move POSTFIX_LIBDIR.
   2017-03-04 07:26:42 by Takahiro Kambe | Files touched by this commit (7)
Log message:
Reset PKGREVISION.
   2017-01-22 00:49:02 by Roland Illig | Files touched by this commit (8)
Log message:
Fixed PKGREVISION to be only defined directly in the package Makefile.
   2016-09-18 19:10:29 by Takahiro Kambe | Files touched by this commit (11)
Log message:
Update postfix to 3.1.2.

3.1.0

The main changes in no particular order are:

  * "postfix tls" command to simplify setup of opportunistic TLS,
    and to simplify SMTP server key/certificate management.

  * Positive and negative DNS reply TTL support in postscreen(8).

  * SASL AUTH rate limit in the Postfix SMTP server.

  * A safety limit on the number of address verify requests.

  * JSON-format Postfix queue listing.

  * Destination-independent delivery rate delay

For details, see the RELEASE_NOTES file.

3.1.1

Fixed in all supported releases:

  * The Milter "replace sender" (SMFIR_CHGFROM) request lost an
    address that was added with sender_bcc_maps, resulting in a
    "rcpt count mismatch" warning. Reported by Joerg Backschues.
    This defect was introduced with Postfix 2.6.

  * The "bad filetype" example in the header_checks(5) manpage
    falsely rejected Content- headers with ``name="example";
    x-apple-part-url="example.com"''.  Reported by Cedric Knight.
    This defect was introduced with Postfix 2.6.

3.1.2

Fixed with Postfix 3.1.2:

  * Changes to make Postfix build with OpenSSL 1.1.0.

Fixed with Postfix 3.1.2 and 3.0.6:

  * The makedefs script ignored readme_directory=pathname overrides.
    Fix by Todd C. Olson.

  * The tls_session_ticket_cipher documentation says that the default
    cipher for TLS session tickets is aes-256-cbc, but the implemented
    default was aes-128-cbc. Note that TLS session ticket keys are
    rotated after 1/2 hour, to limit the impact of attacks on session
    ticket keys.
   2015-10-05 02:14:13 by Takahiro Kambe | Files touched by this commit (5)
Log message:
Bump PKGREVISION.
   2015-10-05 02:05:31 by Takahiro Kambe | Files touched by this commit (5)
Log message:
Link with corect rpath.  Fix PR pkg/50299.

Next | Query returned 7 messages, browsing 1 to 10 | previous