[An on-line version of this announcement will be available at
https://www.postfix.org/announcements/postfix-3.10.3.html]
This release fixes defects that were introduced in Postfix 3.10.
These were fixed first in the Postfix 3.11 unstable release.
The defects exist only with the default configuration "tls_required_enable
= yes".
* Bugfix (defect introduced: Postfix-3.10, date 20250117): include
the current TLS security level in the SMTP connection cache
lookup key for lookups by next-hop destination, to avoid reusing
the same SMTP connection when sending messages with and without
a "TLS-Required: no" header. Likewise, include the current TLS
security level in the TLS session lookup key, to avoid reusing
the same TLS session info when sending messages with and without
a "TLS-Required: no" header.
* Bugfix (defect introduced: Postfix-3.10, date 20250117): the
Postfix SMTP client attempted to look up TLSA records even with
"TLS-Required: no". This could result in unnecessary failures.
Fix by Viktor Dukhovni & Wietse.
You can find the updated Postfix source code at the mirrors listed
at https://www.postfix.org/.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
