[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-2.9.6.html]
Postfix stable release 2.9.6, and legacy releases 2.8.14, 2.7.13,
2.6.19 are available. They contain fixes and workarounds that are
also part of Postfix 2.10.
Postfix 2.9:
* Thanks to OpenSSL documentation, the Postfix 2.9.0..2.9.5 SMTP
client and server used an incorrect procedure to compute TLS
certificate PUBLIC-KEY fingerprints (these may be used in the
check_ccert_access and in smtp_tls_policy_maps features). Support
for certificate PUBLIC-KEY finger prints was introduced with
Postfix 2.9; there is no known problem with the certificate
fingerprint algorithms available since Postfix 2.2.
Specify "tls_legacy_public_key_fingerprints = yes" temporarily,
pending a migration from configuration files with incorrect
Postfix 2.9.0..2.9.5 certificate PUBLIC-KEY finger prints, to
the correct fingerprints used by Postfix 2.9.6 and later.
See the RELEASE_NOTES file for more details.
All supported releases:
* The postconf(1) master.cf options parser didn't support "clusters"
of daemon command-line option letters.
* The local(8) delivery agent dereferenced a null pointer while
delivering to null command (for example, "|" in a .forward
file). Reported by Gilles Chehade.
* A memory leak fix for tls_misc.c was documented but not included.
You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
Wietse
