CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist
Module Name:src Committed By: riz Date: Wed Nov 2 20:39:02 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY src/external/ibm-public/postfix/dist/src/global [netbsd-5]: mail_version.h mime_state.c src/external/ibm-public/postfix/dist/src/master [netbsd-5]: master_avail.c src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd.c smtpd_proxy.c Log Message: Apply patch (requested by tron in ticket #1686): external/ibm-public/postfix/dist/HISTORYpatch external/ibm-public/postfix/dist/src/global/mail_version.h patch external/ibm-public/postfix/dist/src/global/mime_state.c patch external/ibm-public/postfix/dist/src/master/master_avail.c patch external/ibm-public/postfix/dist/src/smtpd/smtpd.c patch external/ibm-public/postfix/dist/src/smtpd/smtpd_proxy.c patch Update Postfix 2.7.7. Changes since version 2.7.6: - The Postfix SMTP daemon sent bare newline characters instead of CRLF when a header_checks REJECT pattern matched multi-line header. This bug was introduced with Postfix 1.1. - The Postfix SMTP daemon sent bare newline characters instead of CRLF when an smtpd_proxy_filter returned a multi-line response. This bug was introduced with Postfix 2.1. - For compatibility with future EAI (email address internationalization) implementations, the Postfix MIME processor no longer enforces the strict_mime_encoding_domain check on unknown message subtypes such as message/global*. This check is disabled by default. - The Postfix master daemon could report a panic error (master_spawn: at process limit) after the process limit for some service was reduced with postfix reload. This bug existed in all Postfix versions. [tron, ticket #1686] To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.2.8 -r1.1.1.2.2.9 \ src/external/ibm-public/postfix/dist/HISTORY cvs rdiff -u -r1.1.1.2.2.8 -r1.1.1.2.2.9 \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/global/mime_state.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/master/master_avail.c cvs rdiff -u -r1.2.2.5 -r1.2.2.6 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_proxy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/HISTORY diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.9 --- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8 Sat Sep 17 18:57:32 2011 +++ src/external/ibm-public/postfix/dist/HISTORY Wed Nov 2 20:39:01 2011 @@ -15956,3 +15956,36 @@ Apologies for any names omitted. Bugfix: allow for Milters that send an SMTP server reply without RFC 3463 enhanced status code. Reported by Vladimir Vassiliev. File: milter/milter8.c. + +20110903 + + Bugfix: master daemon panic with master_spawn: at process + limit error, when postfix reload reduced the process + limit from (a value larger than the current process count + for some service) to (a value = the current process count), + and then a new connection was made to that service. This + is the smallest change that eliminates the problem. The + final solution involves structural change, and goes into + the development release. File: master/master_avail.c. + +20110921 + + Bugfix (introduced: Postfix 1.1): smtpd(8) did not sanitize + newline characters in cleanup(8) REJECT messages, causing + them to be sent out via SMTP as bare newline characters. + This happened when a REJECT pattern matched multi-line + header text. Discovered by Kevin Locke. File: smtpd/smtpd.c. + +20110922 + + Bugfix (introduced: Postfix 2.1): smtpd(8) sent multi-line + responses from a before-queue content filter as text with + bare LF instead of CRLF. Found during code maintenance. + File: smtpd/smtpd_proxy.c. + +20111020 + + EAI Future-proofing: don't apply strict_mime_encoding_domain + checks to unknown message subtypes such as message/global*. + File: global/mime_state.c. + Index: src/external/ibm-public/postfix/dist/src/global/mail_version.h diff -u src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.8 src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.9 --- src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.8 Sat Sep 17 18:57:34 2011 +++ src/external/ibm-public/postfix/dist/src/global/mail_version.h Wed Nov 2 20:39:01 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: mail_version.h,v 1.1.1.2.2.8 2011/09/17
CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist
Module Name:src Committed By: bouyer Date: Sat Sep 17 18:57:34 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY src/external/ibm-public/postfix/dist/README_FILES [netbsd-5]: MILTER_README src/external/ibm-public/postfix/dist/html [netbsd-5]: MILTER_README.html src/external/ibm-public/postfix/dist/proto [netbsd-5]: MILTER_README.html src/external/ibm-public/postfix/dist/src/global [netbsd-5]: mail_version.h src/external/ibm-public/postfix/dist/src/milter [netbsd-5]: milter8.c src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd_state.c Log Message: Apply patch, requested by tron in ticket #1669: external/ibm-public/postfix/dist/HISTORYpatch external/ibm-public/postfix/dist/README_FILES/MILTER_README patch external/ibm-public/postfix/dist/html/MILTER_README.htmlpatch external/ibm-public/postfix/dist/proto/MILTER_README.html patch external/ibm-public/postfix/dist/src/global/mail_version.h patch external/ibm-public/postfix/dist/src/milter/milter8.c patch external/ibm-public/postfix/dist/src/smtpd/smtpd_state.cpatch Update Postfix to version 2.7.6. Changes since version 2.7.5: - The Postfix Milter client logged a milter miltername: malformed reply error when a Milter sent an SMTP response without enhanced status code (i.e. XXX Text instead of XXX X.X.X Text). - The Postfix Milter client sent a random {client_connections} macro value when the remote SMTP client was not subject to any smtpd_client_* limit. As a workaround, it now sends a zero value instead. To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.2.7 -r1.1.1.2.2.8 \ src/external/ibm-public/postfix/dist/HISTORY cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/README_FILES/MILTER_README cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/html/MILTER_README.html cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/proto/MILTER_README.html cvs rdiff -u -r1.1.1.2.2.7 -r1.1.1.2.2.8 \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \ src/external/ibm-public/postfix/dist/src/milter/milter8.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_state.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/HISTORY diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.7 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8 --- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.7 Tue Aug 9 18:58:15 2011 +++ src/external/ibm-public/postfix/dist/HISTORY Sat Sep 17 18:57:32 2011 @@ -15942,3 +15942,17 @@ IP queries even if the name has an alphanumerical prefix. We play safe, and skip RHSBL queries for names ending in a numerical suffix. File: smtpd/smtpd_check.c. + +20110811 + + Workaround: report a {client_connections} Milter macro value + of zero instead of garbage, when the remote SMTP client is + not subject to any smtpd_client_* limits. Problem reported + by Christian Roessner. File: smtpd/smtpd_state.c, + proto/MILTER_README.html. + +20110831 + + Bugfix: allow for Milters that send an SMTP server reply + without RFC 3463 enhanced status code. Reported by Vladimir + Vassiliev. File: milter/milter8.c. Index: src/external/ibm-public/postfix/dist/README_FILES/MILTER_README diff -u src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.3 src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.4 --- src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.3 Sun Nov 21 18:31:23 2010 +++ src/external/ibm-public/postfix/dist/README_FILES/MILTER_README Sat Sep 17 18:57:33 2011 @@ -337,8 +337,11 @@ |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | |{client_addr} |Always |Client IP address | |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | -|{client_connections}|CONNECT |Connection concurrency for| -|| |this client | +|| |Connection concurrency for| +|| |this client (zero if the | +
CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist
Module Name:src Committed By: riz Date: Tue Aug 9 18:58:18 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY makedefs postfix-install src/external/ibm-public/postfix/dist/src/cleanup [netbsd-5]: cleanup_milter.c src/external/ibm-public/postfix/dist/src/global [netbsd-5]: abounce.c abounce.h mail_version.h src/external/ibm-public/postfix/dist/src/local [netbsd-5]: Makefile.in bounce_workaround.c mailbox.c unknown.c src/external/ibm-public/postfix/dist/src/master [netbsd-5]: master_ent.c src/external/ibm-public/postfix/dist/src/milter [netbsd-5]: milter8.c src/external/ibm-public/postfix/dist/src/oqmgr [netbsd-5]: qmgr_active.c src/external/ibm-public/postfix/dist/src/postdrop [netbsd-5]: postdrop.c src/external/ibm-public/postfix/dist/src/qmgr [netbsd-5]: qmgr_active.c src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd_check.c src/external/ibm-public/postfix/dist/src/util [netbsd-5]: sys_defs.h Log Message: Apply patches (requested by tron in ticket #1653): external/ibm-public/postfix/dist/HISTORYpatch external/ibm-public/postfix/dist/makedefs patch external/ibm-public/postfix/dist/postfix-install patch external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c patch external/ibm-public/postfix/dist/src/global/abounce.c patch external/ibm-public/postfix/dist/src/global/abounce.h patch external/ibm-public/postfix/dist/src/global/mail_version.h patch external/ibm-public/postfix/dist/src/local/Makefile.in patch external/ibm-public/postfix/dist/src/local/bounce_workaround.c patch external/ibm-public/postfix/dist/src/local/mailbox.c patch external/ibm-public/postfix/dist/src/local/unknown.c patch external/ibm-public/postfix/dist/src/master/master_ent.c patch external/ibm-public/postfix/dist/src/milter/milter8.c patch external/ibm-public/postfix/dist/src/oqmgr/qmgr_active.c patch external/ibm-public/postfix/dist/src/postdrop/postdrop.c patch external/ibm-public/postfix/dist/src/qmgr/qmgr_active.c patch external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c patch external/ibm-public/postfix/dist/src/util/sys_defs.h patch Update Postfix to version 2.7.5. Changes since version 2.7.4: - Performance: a high load of DSN success notification requests could slow down the queue manager. Solution: make the trace client asynchronous, just like the bounce and defer clients. - The local(8) delivery agent ignored table lookup errors in mailbox_command_maps, mailbox_transport_maps, fallback_transport_maps and (while bouncing mail to alias) alias owner lookup. - Workaround: dbl.spamhaus.org rejects lookups with No IP queries even if the name has an alphanumerical prefix. We play safe, and skip both RHSBL and RHSWL queries for names ending in a numerical suffix. - The Postfix Milter client reported a temporary error instead of file too large in three cases. - The sendmail -t command reported protocol error instead of file too large, no space left on device etc. To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.2.6 -r1.1.1.2.2.7 \ src/external/ibm-public/postfix/dist/HISTORY cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.2.2.2 -r1.2.2.3 \ src/external/ibm-public/postfix/dist/postfix-install cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/global/abounce.c \ src/external/ibm-public/postfix/dist/src/global/abounce.h cvs rdiff -u -r1.1.1.2.2.6 -r1.1.1.2.2.7 \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/local/Makefile.in \ src/external/ibm-public/postfix/dist/src/local/bounce_workaround.c \ src/external/ibm-public/postfix/dist/src/local/mailbox.c \ src/external/ibm-public/postfix/dist/src/local/unknown.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/master/master_ent.c cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \ src/external/ibm-public/postfix/dist/src/milter/milter8.c cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/oqmgr/qmgr_active.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/postdrop/postdrop.c cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/qmgr/qmgr_active.c cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c cvs rdiff -u -r1.1.1.1.2.5
CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist
Module Name:src Committed By: riz Date: Fri Jul 15 22:29:31 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY src/external/ibm-public/postfix/dist/src/global [netbsd-5]: mail_version.h src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd_sasl_proto.c Log Message: Pull up following revision(s) (requested by tron in ticket #1637): external/ibm-public/postfix/dist/HISTORYpatch external/ibm-public/postfix/dist/src/global/mail_version.h patch external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c patch Update Postfix to version 2.7.4. This update fixes the security vulnerability reported in CVE-2011-1720 which fortunately doesnt To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \ src/external/ibm-public/postfix/dist/HISTORY cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/HISTORY diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.6 --- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5 Thu Mar 24 19:54:07 2011 +++ src/external/ibm-public/postfix/dist/HISTORY Fri Jul 15 22:29:30 2011 @@ -15616,7 +15616,7 @@ for the virtual: transport to /etc/postfix/virtual:. Symptom reported by Christoph Anton Mitterer. -20200102 +20100102 Workaround: don't report bogus Berkeley DB close errors as fatal errors. All operations before close are already error @@ -15884,3 +15884,10 @@ Portability: FreeBSD closefrom() support time window. Sahil Tandon. File: util/sys_defs.h. + +20110414 + + Bugfix (introduced with Postfix SASL patch 2314): don't + reuse a server SASL handle after authentication failure. + Problem reported by Thomas Jarosch of Intra2net AG. File: + smtpd/smtpd_proto.c. Index: src/external/ibm-public/postfix/dist/src/global/mail_version.h diff -u src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.5 src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.6 --- src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.5 Thu Mar 24 19:54:07 2011 +++ src/external/ibm-public/postfix/dist/src/global/mail_version.h Fri Jul 15 22:29:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: mail_version.h,v 1.1.1.2.2.5 2011/03/24 19:54:07 riz Exp $ */ +/* $NetBSD: mail_version.h,v 1.1.1.2.2.6 2011/07/15 22:29:31 riz Exp $ */ #ifndef _MAIL_VERSION_H_INCLUDED_ #define _MAIL_VERSION_H_INCLUDED_ @@ -22,8 +22,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE 20110303 -#define MAIL_VERSION_NUMBER 2.7.3 +#define MAIL_RELEASE_DATE 20110509 +#define MAIL_VERSION_NUMBER 2.7.4 #ifdef SNAPSHOT # define MAIL_VERSION_DATE - MAIL_RELEASE_DATE Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.3 src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.4 --- src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.3 Fri Jan 7 01:24:14 2011 +++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c Fri Jul 15 22:29:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: smtpd_sasl_proto.c,v 1.1.1.1.2.3 2011/01/07 01:24:14 riz Exp $ */ +/* $NetBSD: smtpd_sasl_proto.c,v 1.1.1.1.2.4 2011/07/15 22:29:31 riz Exp $ */ /*++ /* NAME @@ -186,6 +186,27 @@ return (-1); } +/* Don't reuse the SASL handle after authentication failure. */ +#ifndef SMTPD_FLAG_AUTH_USED +#define SMTPD_FLAG_AUTH_USED (115) +#endif +#ifndef XSASL_TYPE_CYRUS +#define XSASL_TYPE_CYRUS cyrus +#endif +if (state-flags SMTPD_FLAG_AUTH_USED) { + smtpd_sasl_deactivate(state); +#ifdef USE_TLS + if (state-tls_context != 0) + smtpd_sasl_activate(state, VAR_SMTPD_SASL_TLS_OPTS, +var_smtpd_sasl_tls_opts); + else +#endif + smtpd_sasl_activate(state, VAR_SMTPD_SASL_OPTS, +var_smtpd_sasl_opts); +} else if (strcmp(var_smtpd_sasl_type, XSASL_TYPE_CYRUS) == 0) { + state-flags |= SMTPD_FLAG_AUTH_USED; +} + /* * All authentication failures shall be logged. The 5xx reply code from * the SASL authentication routine triggers tar-pit delays, which help to
CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist
Module Name:src Committed By: riz Date: Thu Mar 24 19:54:09 UTC 2011 Modified Files: src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY makedefs src/external/ibm-public/postfix/dist/src/cleanup [netbsd-5]: cleanup_map1n.c src/external/ibm-public/postfix/dist/src/global [netbsd-5]: mail_version.h src/external/ibm-public/postfix/dist/src/local [netbsd-5]: recipient.c src/external/ibm-public/postfix/dist/src/master [netbsd-5]: master_sig.c src/external/ibm-public/postfix/dist/src/smtp [netbsd-5]: smtp_proto.c src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd.c src/external/ibm-public/postfix/dist/src/util [netbsd-5]: host_port.c make_dirs.c sys_defs.h watchdog.c Log Message: Apply patches (requested by tron in ticket #1576): Update postfix to version 2.7.3: - Fix for CVE-2011-0411: discard buffered plaintext input, after reading the SMTP STARTTLS command or response. - Fix to the local delivery agent: look up the unextended address in the local aliases database, when that address has a malformed address extension. - Fix to virtual alias expansion: report a tempfail error, instead of silently ignoring recipients that exceed the virtual_alias_expansion_limit or the virtual_alias_recursion_limit. - Fix for BSD-ish mkdir() to prevent maildir directories from inheriting their group ownership from the parent directory. - Fix to the SMTP client: missing support for mail to [ipv6:ipv6addr] address literal destinations. To generate a diff of this commit: cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \ src/external/ibm-public/postfix/dist/HISTORY cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/makedefs cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/cleanup/cleanup_map1n.c cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \ src/external/ibm-public/postfix/dist/src/global/mail_version.h cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/local/recipient.c cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/master/master_sig.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/smtp/smtp_proto.c cvs rdiff -u -r1.2.2.4 -r1.2.2.5 \ src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \ src/external/ibm-public/postfix/dist/src/util/host_port.c \ src/external/ibm-public/postfix/dist/src/util/make_dirs.c \ src/external/ibm-public/postfix/dist/src/util/watchdog.c cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \ src/external/ibm-public/postfix/dist/src/util/sys_defs.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/ibm-public/postfix/dist/HISTORY diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.4 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5 --- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.4 Fri Jan 7 01:23:55 2011 +++ src/external/ibm-public/postfix/dist/HISTORY Thu Mar 24 19:54:07 2011 @@ -15730,6 +15730,18 @@ The last protocol change was in Postfix 2.1. File: util/dict_open.c. +20100422 + + Workaround (introduced: postfix-19990906 a.k.a. Postfix + 0.8.0). The Postfix local delivery agent did not properly + distinguish between address has no extension and address + has an extension, but the extension is invalid. In both + cases it would run only the full recipient local-part through + the alias maps. Instead, it now drops the faulty extension + from the recipient address local-part (it would be too + error-prone to replace all tests for no extension by tests + for no valid extension. File: local/recipient.c. + 20100515 Bugfix (introduced Postfix 2.6): the Postfix SMTP client @@ -15816,3 +15828,59 @@ compliance. We now make an exception for final replies, as permitted by RFC. Solution by Victor Duchovni. File: smtpd/smtpd.c. + +20101201 + + Workaround: BSD-ish mkdir() ignores the effective GID and + copies group ownership from the parent directory. File: + util/make_dirs.c. + +20101202 + + Cleanup: the cleanup server now reports a temporary delivery + error when it reaches the virtual_alias_expansion_limit or + virtual_alias_recursion_limit. Previously, it would silently + ignore the excess recipients and deliver the message. File: + cleanup/cleanup_map1n.c. + +20110105 + + Bugfix (introduced with the Postfix TLS patch): discard + plaintext following the STARTTLS command or response. This + matters only for the minority of SMTP clients that actually + verify server certificates. Files: smtpd/smtpd.c, + smtp/smtp_proto.c. + + This vulnerability is also known as