Hello community,
here is the log from the commit of package postfix for openSUSE:Factory checked
in at 2020-11-12 22:37:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/postfix (Old)
and /work/SRC/openSUSE:Factory/.postfix.new.24930 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix"
Thu Nov 12 22:37:05 2020 rev:191 rq:846986 version:3.5.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/postfix/postfix.changes 2020-09-04
10:52:56.950425258 +0200
+++ /work/SRC/openSUSE:Factory/.postfix.new.24930/postfix.changes
2020-11-12 22:37:30.874024219 +0100
@@ -1,0 +2,22 @@
+Sun Nov 8 20:59:23 UTC 2020 - Michael Ströder <mich...@stroeder.com>
+
+- Update to 3.5.8
+ * The Postfix SMTP client inserted <CR><LF> into message headers longer
+ than $line_length_limit (default: 2048), causing all subsequent header
+ content to become message body content.
+ * The postscreen daemon did not save a copy of the
+ postscreen_dnsbl_reply_map lookup result. This has no effect when the
+ recommended texthash: look table is used, but it could result in stale
+ data with other lookup tables.
+ * After deleting a recipient with a Milter, the Postfix recipient
+ duplicate filter was not updated; the filter suppressed requests
+ to add the recipient back.
+ * Memory leak: the static: maps did not free their casefolding buffer.
+ * With "smtpd_tls_wrappermode = yes", the smtps service was waiting for a
+ TLS handshake, after processing an XCLIENT command.
+ * The smtp_sasl_mechanism_filter implementation ignored table lookup
+ errors, treating them as 'not found'.
+ * The code that looks for Delivered-To: headers ignored headers longer
+ than $line_length_limit (default: 2048).
+
+-------------------------------------------------------------------
Old:
----
postfix-3.5.7.tar.gz
postfix-3.5.7.tar.gz.asc
New:
----
postfix-3.5.8.tar.gz
postfix-3.5.8.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ postfix.spec ++++++
--- /var/tmp/diff_new_pack.5vXvcH/_old 2020-11-12 22:37:31.942025334 +0100
+++ /var/tmp/diff_new_pack.5vXvcH/_new 2020-11-12 22:37:31.946025338 +0100
@@ -56,7 +56,7 @@
%endif
%bcond_without ldap
Name: postfix
-Version: 3.5.7
+Version: 3.5.8
Release: 0
Summary: A fast, secure, and flexible mailer
License: IPL-1.0 OR EPL-2.0
++++++ postfix-3.5.7.tar.gz -> postfix-3.5.8.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/HISTORY new/postfix-3.5.8/HISTORY
--- old/postfix-3.5.7/HISTORY 2020-08-30 16:15:56.000000000 +0200
+++ new/postfix-3.5.8/HISTORY 2020-11-05 00:11:27.000000000 +0100
@@ -24834,3 +24834,51 @@
Cleanup: the posttls-finger '-X' option reported a false
conflict with '-r'. File: posttls-finger/posttls-finger.c.
+
+20200830
+
+ Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
+ ignored table lookup errors, treating them as 'not found'.
+ Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
+
+202000920
+
+ Bugfix (introduced: Postfix 2.3): when deleting a recipient
+ with a milter, delete the recipient from the duplicate
+ filter, so that the recipient can be added back. Backported
+ from Postfix 3.6. Files: global/been_here.[hc],
+ cleanup/cleanup_milter.c.
+
+20200925
+
+ Bugfix (introduced: before Postfix alpha): the code that
+ looks for Delivered-To: headers ignored headers longer than
+ $line_length_limit. Backported from Postfix 3.6. File:
+ global/delivered_hdr.c.
+
+20201011
+
+ Bugfix (introduced: Postfix 2.8): save a copy of the
+ postscreen_dnsbl_reply_map lookup result. This has no effect
+ when the recommended texthash: look table is used, but it
+ may avoid stale data with other lookup tables. File:
+ postscreen/postscreen_dnsbl.c.
+
+20201022
+
+ Bugfix (introduced: Postfix 2.2): after processing an
+ XCCLIENT command, the smtps service was waiting for a TLS
+ handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
+
+20201025
+
+ Bugfix (introduced: Postfix 2.3): static maps did not free
+ their casefolding buffer. File: util/dict_static.c.
+
+20201104
+
+ Bugfix (introduced: Postfix 3.5): the Postfix SMTP client
+ broke message headers longer than $line_length_limit, causing
+ subsequent header content to become message body content.
+ Reported by Andreas Weigel, fix by Viktor Dukhovni. File:
+ smtp/smtp_proto.c.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/cleanup/cleanup_milter.c
new/postfix-3.5.8/src/cleanup/cleanup_milter.c
--- old/postfix-3.5.7/src/cleanup/cleanup_milter.c 2020-03-08
16:42:19.000000000 +0100
+++ new/postfix-3.5.8/src/cleanup/cleanup_milter.c 2020-11-04
22:06:12.000000000 +0100
@@ -1803,6 +1803,10 @@
}
count++;
}
+ if (var_enable_orcpt)
+ been_here_drop(state->dups, "%s\n%d\n%s\n%s",
+ dsn_orcpt ? dsn_orcpt : "", dsn_notify,
+ orig_rcpt ? orig_rcpt : "", STR(int_rcpt_buf));
/* FALLTHROUGH */
case REC_TYPE_DRCP: /* canceled recipient */
case REC_TYPE_DONE: /* can't happen */
@@ -1818,6 +1822,8 @@
break;
}
}
+ if (var_enable_orcpt == 0 && count > 0)
+ been_here_drop_fixed(state->dups, STR(int_rcpt_buf));
if (msg_verbose)
msg_info("%s: deleted %d records for recipient \"%s\"",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/global/been_here.c
new/postfix-3.5.8/src/global/been_here.c
--- old/postfix-3.5.7/src/global/been_here.c 2019-02-10 00:26:28.000000000
+0100
+++ new/postfix-3.5.8/src/global/been_here.c 2020-11-04 22:06:12.000000000
+0100
@@ -26,6 +26,14 @@
/* BH_TABLE *dup_filter;
/* char *format;
/*
+/* int been_here_drop_fixed(dup_filter, string)
+/* BH_TABLE *dup_filter;
+/* char *string;
+/*
+/* int been_here_drop(dup_filter, format, ...)
+/* BH_TABLE *dup_filter;
+/* char *format;
+/*
/* void been_here_free(dup_filter)
/* BH_TABLE *dup_filter;
/* DESCRIPTION
@@ -46,6 +54,16 @@
/* been_here_check_fixed() and been_here_check() are similar
/* but do not update the duplicate filter.
/*
+/* been_here_drop_fixed() looks up a fixed string in the given
+/* table, and deletes the entry if the string was found. The
+/* result is non-zero (true) if the string was found, zero
+/* (false) otherwise.
+/*
+/* been_here_drop() formats its arguments, looks up the result
+/* in the given table, and removes the entry if the formatted
+/* result was found. The result is non-zero (true) if the
+/* formatted result was found, zero (false) otherwise.
+/*
/* been_here_free() releases storage for a duplicate filter.
/*
/* Arguments:
@@ -243,6 +261,67 @@
/*
* Cleanup.
+ */
+ if (folded_string)
+ vstring_free(folded_string);
+
+ return (status);
+}
+
+/* been_here_drop - remove filter entry with finer control */
+
+int been_here_drop(BH_TABLE *dup_filter, const char *fmt,...)
+{
+ VSTRING *buf = vstring_alloc(100);
+ int status;
+ va_list ap;
+
+ /*
+ * Construct the string to be dropped.
+ */
+ va_start(ap, fmt);
+ vstring_vsprintf(buf, fmt, ap);
+ va_end(ap);
+
+ /*
+ * Drop the filter entry.
+ */
+ status = been_here_drop_fixed(dup_filter, vstring_str(buf));
+
+ /*
+ * Cleanup.
+ */
+ vstring_free(buf);
+ return (status);
+}
+
+/* been_here_drop_fixed - remove filter entry */
+
+int been_here_drop_fixed(BH_TABLE *dup_filter, const char *string)
+{
+ VSTRING *folded_string;
+ const char *lookup_key;
+ int status;
+
+ /*
+ * Special processing: case insensitive lookup.
+ */
+ if (dup_filter->flags & BH_FLAG_FOLD) {
+ folded_string = vstring_alloc(100);
+ lookup_key = casefold(folded_string, string);
+ } else {
+ folded_string = 0;
+ lookup_key = string;
+ }
+
+ /*
+ * Drop the filter entry.
+ */
+ if ((status = been_here_check_fixed(dup_filter, lookup_key)) != 0)
+ htable_delete(dup_filter->table, lookup_key, (void (*) (void *)) 0);
+
+ /*
+ * Cleanup.
*/
if (folded_string)
vstring_free(folded_string);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/global/been_here.h
new/postfix-3.5.8/src/global/been_here.h
--- old/postfix-3.5.7/src/global/been_here.h 2019-02-10 00:26:58.000000000
+0100
+++ new/postfix-3.5.8/src/global/been_here.h 2020-11-04 22:06:12.000000000
+0100
@@ -35,6 +35,8 @@
extern int PRINTFLIKE(2, 3) been_here(BH_TABLE *, const char *,...);
extern int been_here_check_fixed(BH_TABLE *, const char *);
extern int PRINTFLIKE(2, 3) been_here_check(BH_TABLE *, const char *,...);
+extern int been_here_drop_fixed(BH_TABLE *, const char *);
+extern int PRINTFLIKE(2, 3) been_here_drop(BH_TABLE *, const char *,...);
/* LICENSE
/* .ad
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/global/delivered_hdr.c
new/postfix-3.5.8/src/global/delivered_hdr.c
--- old/postfix-3.5.7/src/global/delivered_hdr.c 2015-01-27
16:22:33.000000000 +0100
+++ new/postfix-3.5.8/src/global/delivered_hdr.c 2020-11-04
22:10:00.000000000 +0100
@@ -115,6 +115,8 @@
char *cp;
DELIVERED_HDR_INFO *info;
const HEADER_OPTS *hdr;
+ int curr_type;
+ int prev_type;
/*
* Sanity check.
@@ -130,15 +132,20 @@
/*
* XXX Assume that mail_copy() produces delivered-to headers that fit in
- * a REC_TYPE_NORM record. Lowercase the delivered-to addresses for
- * consistency.
+ * a REC_TYPE_NORM or REC_TYPE_CONT record. Lowercase the delivered-to
+ * addresses for consistency.
*
* XXX Don't get bogged down by gazillions of delivered-to headers.
*/
#define DELIVERED_HDR_LIMIT 1000
- while (rec_get(fp, info->buf, 0) == REC_TYPE_NORM
- && info->table->used < DELIVERED_HDR_LIMIT) {
+ for (prev_type = REC_TYPE_NORM;
+ info->table->used < DELIVERED_HDR_LIMIT
+ && ((curr_type = rec_get(fp, info->buf, 0)) == REC_TYPE_NORM
+ || curr_type == REC_TYPE_CONT);
+ prev_type = curr_type) {
+ if (prev_type != REC_TYPE_NORM)
+ continue;
if (is_header(STR(info->buf))) {
if ((hdr = header_opts_find(STR(info->buf))) != 0
&& hdr->type == HDR_DELIVERED_TO) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/global/mail_version.h
new/postfix-3.5.8/src/global/mail_version.h
--- old/postfix-3.5.7/src/global/mail_version.h 2020-08-30 15:53:35.000000000
+0200
+++ new/postfix-3.5.8/src/global/mail_version.h 2020-11-07 22:27:54.000000000
+0100
@@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20200830"
-#define MAIL_VERSION_NUMBER "3.5.7"
+#define MAIL_RELEASE_DATE "20201107"
+#define MAIL_VERSION_NUMBER "3.5.8"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/postscreen/postscreen_dnsbl.c
new/postfix-3.5.8/src/postscreen/postscreen_dnsbl.c
--- old/postfix-3.5.7/src/postscreen/postscreen_dnsbl.c 2017-02-19
02:58:20.000000000 +0100
+++ new/postfix-3.5.8/src/postscreen/postscreen_dnsbl.c 2020-11-04
22:16:47.000000000 +0100
@@ -231,6 +231,7 @@
int weight;
HTABLE_INFO *ht;
char *parse_err;
+ const char *safe_dnsbl;
/*
* Parse the required DNSBL domain name, the optional reply filter and
@@ -271,8 +272,9 @@
ht = htable_enter(dnsbl_site_cache, saved_site, (void *) head);
/* Translate the DNSBL name into a safe name if available. */
if (psc_dnsbl_reply == 0
- || (head->safe_dnsbl = dict_get(psc_dnsbl_reply, saved_site)) == 0)
- head->safe_dnsbl = ht->key;
+ || (safe_dnsbl = dict_get(psc_dnsbl_reply, saved_site)) == 0)
+ safe_dnsbl = ht->key;
+ head->safe_dnsbl = mystrdup(safe_dnsbl);
if (psc_dnsbl_reply && psc_dnsbl_reply->error)
msg_fatal("%s:%s lookup error", psc_dnsbl_reply->type,
psc_dnsbl_reply->name);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/smtp/smtp_proto.c
new/postfix-3.5.8/src/smtp/smtp_proto.c
--- old/postfix-3.5.7/src/smtp/smtp_proto.c 2019-06-13 23:08:33.000000000
+0200
+++ new/postfix-3.5.8/src/smtp/smtp_proto.c 2020-11-04 22:26:11.000000000
+0100
@@ -1389,17 +1389,17 @@
/* smtp_out_raw_or_mime - output buffer, raw output or MIME-aware */
-static int smtp_out_raw_or_mime(SMTP_STATE *state, VSTRING *buf)
+static int smtp_out_raw_or_mime(SMTP_STATE *state, int rec_type, VSTRING *buf)
{
SMTP_SESSION *session = state->session;
int mime_errs;
if (session->mime_state == 0) {
- smtp_text_out((void *) state, REC_TYPE_NORM, vstring_str(buf),
+ smtp_text_out((void *) state, rec_type, vstring_str(buf),
VSTRING_LEN(buf), (off_t) 0);
} else {
mime_errs =
- mime_state_update(session->mime_state, REC_TYPE_NORM,
+ mime_state_update(session->mime_state, rec_type,
vstring_str(buf), VSTRING_LEN(buf));
if (mime_errs) {
smtp_mime_fail(state, mime_errs);
@@ -1423,7 +1423,7 @@
vstring_str(session->scratch2),
QUOTE_FLAG_DEFAULT | QUOTE_FLAG_APPEND);
vstring_strcat(session->scratch, gt);
- return (smtp_out_raw_or_mime(state, session->scratch));
+ return (smtp_out_raw_or_mime(state, REC_TYPE_NORM, session->scratch));
}
/* smtp_out_add_headers - output additional headers, uses session->scratch* */
@@ -2307,7 +2307,8 @@
while ((rec_type = rec_get(state->src, session->scratch, 0)) >
0) {
if (rec_type != REC_TYPE_NORM && rec_type != REC_TYPE_CONT)
break;
- if (smtp_out_raw_or_mime(state, session->scratch) < 0)
+ if (smtp_out_raw_or_mime(state, rec_type,
+ session->scratch) < 0)
RETURN(0);
prev_type = rec_type;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/smtp/smtp_sasl_proto.c
new/postfix-3.5.8/src/smtp/smtp_sasl_proto.c
--- old/postfix-3.5.7/src/smtp/smtp_sasl_proto.c 2014-12-12
20:33:27.000000000 +0100
+++ new/postfix-3.5.8/src/smtp/smtp_sasl_proto.c 2020-11-05
00:33:50.000000000 +0100
@@ -102,6 +102,8 @@
if (VSTRING_LEN(buf) > 0)
VSTRING_ADDCH(buf, ' ');
vstring_strcat(buf, mech);
+ } else if (smtp_sasl_mechs->error) {
+ msg_fatal("SASL mechanism filter failed for: '%s'", mech);
}
}
myfree(save_mech);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/smtpd/smtpd.c
new/postfix-3.5.8/src/smtpd/smtpd.c
--- old/postfix-3.5.7/src/smtpd/smtpd.c 2020-03-12 16:15:34.000000000 +0100
+++ new/postfix-3.5.8/src/smtpd/smtpd.c 2020-11-04 22:20:42.000000000 +0100
@@ -5458,7 +5458,8 @@
* obsolete, so we don't have to provide perfect support.
*/
#ifdef USE_TLS
- if (SMTPD_STAND_ALONE(state) == 0 && var_smtpd_tls_wrappermode) {
+ if (SMTPD_STAND_ALONE(state) == 0 && var_smtpd_tls_wrappermode
+ && state->tls_context == 0) {
#ifdef USE_TLSPROXY
/* We garbage-collect the VSTREAM in smtpd_state_reset() */
state->tlsproxy =
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/postfix-3.5.7/src/util/dict_static.c
new/postfix-3.5.8/src/util/dict_static.c
--- old/postfix-3.5.7/src/util/dict_static.c 2018-11-06 01:25:30.000000000
+0100
+++ new/postfix-3.5.8/src/util/dict_static.c 2020-11-04 22:37:34.000000000
+0100
@@ -73,6 +73,8 @@
if (dict_static->value)
myfree(dict_static->value);
+ if (dict->fold_buf)
+ vstring_free(dict->fold_buf);
dict_free(dict);
}
_______________________________________________
openSUSE Commits mailing list -- commit@lists.opensuse.org
To unsubscribe, email commit-le...@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives:
https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
