subject:"CVS commit\: \[netbsd\-5\] src\/external\/ibm\-public\/postfix\/dist"

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

2011-11-02 Thread Jeff Rizzo

Module Name:src
Committed By:   riz
Date:   Wed Nov  2 20:39:02 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY
src/external/ibm-public/postfix/dist/src/global [netbsd-5]:
mail_version.h mime_state.c
src/external/ibm-public/postfix/dist/src/master [netbsd-5]:
master_avail.c
src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd.c
smtpd_proxy.c

Log Message:
Apply patch (requested by tron in ticket #1686):

external/ibm-public/postfix/dist/HISTORYpatch
external/ibm-public/postfix/dist/src/global/mail_version.h patch
external/ibm-public/postfix/dist/src/global/mime_state.c patch
external/ibm-public/postfix/dist/src/master/master_avail.c patch
external/ibm-public/postfix/dist/src/smtpd/smtpd.c patch
external/ibm-public/postfix/dist/src/smtpd/smtpd_proxy.c patch

Update Postfix 2.7.7. Changes since version 2.7.6:
- The Postfix SMTP daemon sent bare newline characters
  instead of CRLF when a header_checks REJECT pattern
  matched multi-line header. This bug was introduced with
  Postfix 1.1.
- The Postfix SMTP daemon sent bare newline characters
  instead of CRLF when an smtpd_proxy_filter returned a
  multi-line response. This bug was introduced with Postfix
  2.1.
- For compatibility with future EAI (email address
  internationalization) implementations, the Postfix MIME
  processor no longer enforces the strict_mime_encoding_domain
  check on unknown message subtypes such as
  message/global*. This check is disabled by default.
- The Postfix master daemon could report a panic error
  (master_spawn: at process limit) after the process limit
  for some service was reduced with postfix reload. This bug
  existed in all Postfix versions.
[tron, ticket #1686]


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.2.8 -r1.1.1.2.2.9 \
src/external/ibm-public/postfix/dist/HISTORY
cvs rdiff -u -r1.1.1.2.2.8 -r1.1.1.2.2.9 \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/global/mime_state.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/master/master_avail.c
cvs rdiff -u -r1.2.2.5 -r1.2.2.6 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd_proxy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/HISTORY
diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.9
--- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8	Sat Sep 17 18:57:32 2011
+++ src/external/ibm-public/postfix/dist/HISTORY	Wed Nov  2 20:39:01 2011
@@ -15956,3 +15956,36 @@ Apologies for any names omitted.
 	Bugfix: allow for Milters that send an SMTP server reply
 	without RFC 3463 enhanced status code. Reported by Vladimir
 	Vassiliev.  File: milter/milter8.c.
+
+20110903
+
+	Bugfix: master daemon panic with master_spawn: at process
+	limit error, when postfix reload reduced the process
+	limit from (a value larger than the current process count
+	for some service) to (a value = the current process count),
+	and then a new connection was made to that service.  This
+	is the smallest change that eliminates the problem. The
+	final solution involves structural change, and goes into
+	the development release. File: master/master_avail.c.
+
+20110921
+
+	Bugfix (introduced: Postfix 1.1): smtpd(8) did not sanitize
+	newline characters in cleanup(8) REJECT messages, causing
+	them to be sent out via SMTP as bare newline characters.
+	This happened when a REJECT pattern matched multi-line
+	header text.  Discovered by Kevin Locke.  File: smtpd/smtpd.c.
+
+20110922
+
+	Bugfix (introduced: Postfix 2.1): smtpd(8) sent multi-line
+	responses from a before-queue content filter as text with
+	bare LF instead of CRLF.  Found during code maintenance.
+	File: smtpd/smtpd_proxy.c.
+
+20111020
+
+	EAI Future-proofing: don't apply strict_mime_encoding_domain
+	checks to unknown message subtypes such as message/global*.
+	File: global/mime_state.c.
+

Index: src/external/ibm-public/postfix/dist/src/global/mail_version.h
diff -u src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.8 src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.9
--- src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.8	Sat Sep 17 18:57:34 2011
+++ src/external/ibm-public/postfix/dist/src/global/mail_version.h	Wed Nov  2 20:39:01 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_version.h,v 1.1.1.2.2.8 2011/09/17

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

2011-09-17 Thread Manuel Bouyer

Module Name:src
Committed By:   bouyer
Date:   Sat Sep 17 18:57:34 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY
src/external/ibm-public/postfix/dist/README_FILES [netbsd-5]:
MILTER_README
src/external/ibm-public/postfix/dist/html [netbsd-5]:
MILTER_README.html
src/external/ibm-public/postfix/dist/proto [netbsd-5]:
MILTER_README.html
src/external/ibm-public/postfix/dist/src/global [netbsd-5]:
mail_version.h
src/external/ibm-public/postfix/dist/src/milter [netbsd-5]: milter8.c
src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]:
smtpd_state.c

Log Message:
Apply patch, requested by tron in ticket #1669:
external/ibm-public/postfix/dist/HISTORYpatch
external/ibm-public/postfix/dist/README_FILES/MILTER_README patch
external/ibm-public/postfix/dist/html/MILTER_README.htmlpatch
external/ibm-public/postfix/dist/proto/MILTER_README.html   patch
external/ibm-public/postfix/dist/src/global/mail_version.h  patch
external/ibm-public/postfix/dist/src/milter/milter8.c   patch
external/ibm-public/postfix/dist/src/smtpd/smtpd_state.cpatch

Update Postfix to version 2.7.6. Changes since version 2.7.5:
- The Postfix Milter client logged a milter miltername: malformed
  reply error when a Milter sent an SMTP response without enhanced
  status code (i.e. XXX Text instead of XXX X.X.X Text).
- The Postfix Milter client sent a random {client_connections} macro
  value when the remote SMTP client was not subject to any
  smtpd_client_* limit. As a workaround, it now sends a zero value
  instead.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.2.7 -r1.1.1.2.2.8 \
src/external/ibm-public/postfix/dist/HISTORY
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/README_FILES/MILTER_README
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/html/MILTER_README.html
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/proto/MILTER_README.html
cvs rdiff -u -r1.1.1.2.2.7 -r1.1.1.2.2.8 \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \
src/external/ibm-public/postfix/dist/src/milter/milter8.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd_state.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/HISTORY
diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.7 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.8
--- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.7	Tue Aug  9 18:58:15 2011
+++ src/external/ibm-public/postfix/dist/HISTORY	Sat Sep 17 18:57:32 2011
@@ -15942,3 +15942,17 @@
 	IP queries even if the name has an alphanumerical prefix.
 	We play safe, and skip RHSBL queries for names ending in a
 	numerical suffix.  File: smtpd/smtpd_check.c.
+
+20110811
+
+	Workaround: report a {client_connections} Milter macro value
+	of zero instead of garbage, when the remote SMTP client is
+	not subject to any smtpd_client_* limits. Problem reported
+	by Christian Roessner. File: smtpd/smtpd_state.c,
+	proto/MILTER_README.html.
+
+20110831
+
+	Bugfix: allow for Milters that send an SMTP server reply
+	without RFC 3463 enhanced status code. Reported by Vladimir
+	Vassiliev.  File: milter/milter8.c.

Index: src/external/ibm-public/postfix/dist/README_FILES/MILTER_README
diff -u src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.3 src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.4
--- src/external/ibm-public/postfix/dist/README_FILES/MILTER_README:1.1.1.1.2.3	Sun Nov 21 18:31:23 2010
+++ src/external/ibm-public/postfix/dist/README_FILES/MILTER_README	Sat Sep 17 18:57:33 2011
@@ -337,8 +337,11 @@
 |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
 |{client_addr}   |Always   |Client IP address |
 |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-|{client_connections}|CONNECT  |Connection concurrency for|
-|| |this client   |
+|| |Connection concurrency for|
+|| |this client (zero if the  |
+

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

2011-08-09 Thread Jeff Rizzo

Module Name:src
Committed By:   riz
Date:   Tue Aug  9 18:58:18 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY makedefs
postfix-install
src/external/ibm-public/postfix/dist/src/cleanup [netbsd-5]:
cleanup_milter.c
src/external/ibm-public/postfix/dist/src/global [netbsd-5]: abounce.c
abounce.h mail_version.h
src/external/ibm-public/postfix/dist/src/local [netbsd-5]: Makefile.in
bounce_workaround.c mailbox.c unknown.c
src/external/ibm-public/postfix/dist/src/master [netbsd-5]:
master_ent.c
src/external/ibm-public/postfix/dist/src/milter [netbsd-5]: milter8.c
src/external/ibm-public/postfix/dist/src/oqmgr [netbsd-5]:
qmgr_active.c
src/external/ibm-public/postfix/dist/src/postdrop [netbsd-5]:
postdrop.c
src/external/ibm-public/postfix/dist/src/qmgr [netbsd-5]: qmgr_active.c
src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]:
smtpd_check.c
src/external/ibm-public/postfix/dist/src/util [netbsd-5]: sys_defs.h

Log Message:
Apply patches (requested by tron in ticket #1653):
external/ibm-public/postfix/dist/HISTORYpatch
external/ibm-public/postfix/dist/makedefs   patch
external/ibm-public/postfix/dist/postfix-install patch
external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c patch
external/ibm-public/postfix/dist/src/global/abounce.c patch
external/ibm-public/postfix/dist/src/global/abounce.h patch
external/ibm-public/postfix/dist/src/global/mail_version.h patch
external/ibm-public/postfix/dist/src/local/Makefile.in patch
external/ibm-public/postfix/dist/src/local/bounce_workaround.c patch
external/ibm-public/postfix/dist/src/local/mailbox.c patch
external/ibm-public/postfix/dist/src/local/unknown.c patch
external/ibm-public/postfix/dist/src/master/master_ent.c patch
external/ibm-public/postfix/dist/src/milter/milter8.c patch
external/ibm-public/postfix/dist/src/oqmgr/qmgr_active.c patch
external/ibm-public/postfix/dist/src/postdrop/postdrop.c patch
external/ibm-public/postfix/dist/src/qmgr/qmgr_active.c patch
external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c patch
external/ibm-public/postfix/dist/src/util/sys_defs.h patch

Update Postfix to version 2.7.5. Changes since version 2.7.4:
- Performance: a high load of DSN success notification requests could
  slow down the queue manager. Solution: make the trace client
  asynchronous, just like the bounce and defer clients.
- The local(8) delivery agent ignored table lookup errors in
  mailbox_command_maps, mailbox_transport_maps,
  fallback_transport_maps and (while bouncing mail to alias) alias
  owner lookup.
- Workaround: dbl.spamhaus.org rejects lookups with No IP queries
  even if the name has an alphanumerical prefix. We play safe, and
  skip both RHSBL and RHSWL queries for names ending in a numerical
  suffix.
- The Postfix Milter client reported a temporary error instead of
  file too large in three cases.
- The sendmail -t command reported protocol error instead of
  file too large, no space left on device etc.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.2.6 -r1.1.1.2.2.7 \
src/external/ibm-public/postfix/dist/HISTORY
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.2.2.2 -r1.2.2.3 \
src/external/ibm-public/postfix/dist/postfix-install
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup_milter.c
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/global/abounce.c \
src/external/ibm-public/postfix/dist/src/global/abounce.h
cvs rdiff -u -r1.1.1.2.2.6 -r1.1.1.2.2.7 \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/local/Makefile.in \
src/external/ibm-public/postfix/dist/src/local/bounce_workaround.c \
src/external/ibm-public/postfix/dist/src/local/mailbox.c \
src/external/ibm-public/postfix/dist/src/local/unknown.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/master/master_ent.c
cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \
src/external/ibm-public/postfix/dist/src/milter/milter8.c
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/oqmgr/qmgr_active.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/postdrop/postdrop.c
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/qmgr/qmgr_active.c
cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd_check.c
cvs rdiff -u -r1.1.1.1.2.5

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

2011-07-15 Thread Jeff Rizzo

Module Name:src
Committed By:   riz
Date:   Fri Jul 15 22:29:31 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY
src/external/ibm-public/postfix/dist/src/global [netbsd-5]:
mail_version.h
src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]:
smtpd_sasl_proto.c

Log Message:
Pull up following revision(s) (requested by tron in ticket #1637):
external/ibm-public/postfix/dist/HISTORYpatch
external/ibm-public/postfix/dist/src/global/mail_version.h  patch
external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c   patch

Update Postfix to version 2.7.4. This update fixes the security
vulnerability reported in CVE-2011-1720 which fortunately doesnt


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \
src/external/ibm-public/postfix/dist/HISTORY
cvs rdiff -u -r1.1.1.2.2.5 -r1.1.1.2.2.6 \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/HISTORY
diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.6
--- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5	Thu Mar 24 19:54:07 2011
+++ src/external/ibm-public/postfix/dist/HISTORY	Fri Jul 15 22:29:30 2011
@@ -15616,7 +15616,7 @@
 	for the virtual: transport to /etc/postfix/virtual:.
 	Symptom reported by Christoph Anton Mitterer.
 
-20200102
+20100102
 
 	Workaround: don't report bogus Berkeley DB close errors as
 	fatal errors. All operations before close are already error
@@ -15884,3 +15884,10 @@
 
 	Portability: FreeBSD closefrom() support time window.  Sahil
 	Tandon.  File: util/sys_defs.h.
+
+20110414
+
+	Bugfix (introduced with Postfix SASL patch 2314): don't
+	reuse a server SASL handle after authentication failure.
+	Problem reported by Thomas Jarosch of Intra2net AG. File:
+	smtpd/smtpd_proto.c.

Index: src/external/ibm-public/postfix/dist/src/global/mail_version.h
diff -u src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.5 src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.6
--- src/external/ibm-public/postfix/dist/src/global/mail_version.h:1.1.1.2.2.5	Thu Mar 24 19:54:07 2011
+++ src/external/ibm-public/postfix/dist/src/global/mail_version.h	Fri Jul 15 22:29:31 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: mail_version.h,v 1.1.1.2.2.5 2011/03/24 19:54:07 riz Exp $	*/
+/*	$NetBSD: mail_version.h,v 1.1.1.2.2.6 2011/07/15 22:29:31 riz Exp $	*/
 
 #ifndef _MAIL_VERSION_H_INCLUDED_
 #define _MAIL_VERSION_H_INCLUDED_
@@ -22,8 +22,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	20110303
-#define MAIL_VERSION_NUMBER	2.7.3
+#define MAIL_RELEASE_DATE	20110509
+#define MAIL_VERSION_NUMBER	2.7.4
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE	- MAIL_RELEASE_DATE

Index: src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c
diff -u src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.3 src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.4
--- src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c:1.1.1.1.2.3	Fri Jan  7 01:24:14 2011
+++ src/external/ibm-public/postfix/dist/src/smtpd/smtpd_sasl_proto.c	Fri Jul 15 22:29:31 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: smtpd_sasl_proto.c,v 1.1.1.1.2.3 2011/01/07 01:24:14 riz Exp $	*/
+/*	$NetBSD: smtpd_sasl_proto.c,v 1.1.1.1.2.4 2011/07/15 22:29:31 riz Exp $	*/
 
 /*++
 /* NAME
@@ -186,6 +186,27 @@
 	return (-1);
 }
 
+/* Don't reuse the SASL handle after authentication failure. */
+#ifndef SMTPD_FLAG_AUTH_USED
+#define SMTPD_FLAG_AUTH_USED	(115)
+#endif
+#ifndef XSASL_TYPE_CYRUS 
+#define XSASL_TYPE_CYRUS	cyrus
+#endif
+if (state-flags  SMTPD_FLAG_AUTH_USED) {
+	smtpd_sasl_deactivate(state);
+#ifdef USE_TLS
+	if (state-tls_context != 0)
+	smtpd_sasl_activate(state, VAR_SMTPD_SASL_TLS_OPTS,
+var_smtpd_sasl_tls_opts);
+	else
+#endif
+	smtpd_sasl_activate(state, VAR_SMTPD_SASL_OPTS,
+var_smtpd_sasl_opts);
+} else if (strcmp(var_smtpd_sasl_type, XSASL_TYPE_CYRUS) == 0) {
+	state-flags |= SMTPD_FLAG_AUTH_USED;
+}
+
 /*
  * All authentication failures shall be logged. The 5xx reply code from
  * the SASL authentication routine triggers tar-pit delays, which help to

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

2011-03-24 Thread Jeff Rizzo

Module Name:src
Committed By:   riz
Date:   Thu Mar 24 19:54:09 UTC 2011

Modified Files:
src/external/ibm-public/postfix/dist [netbsd-5]: HISTORY makedefs
src/external/ibm-public/postfix/dist/src/cleanup [netbsd-5]:
cleanup_map1n.c
src/external/ibm-public/postfix/dist/src/global [netbsd-5]:
mail_version.h
src/external/ibm-public/postfix/dist/src/local [netbsd-5]: recipient.c
src/external/ibm-public/postfix/dist/src/master [netbsd-5]:
master_sig.c
src/external/ibm-public/postfix/dist/src/smtp [netbsd-5]: smtp_proto.c
src/external/ibm-public/postfix/dist/src/smtpd [netbsd-5]: smtpd.c
src/external/ibm-public/postfix/dist/src/util [netbsd-5]: host_port.c
make_dirs.c sys_defs.h watchdog.c

Log Message:
Apply patches (requested by tron in ticket #1576):
Update postfix to version 2.7.3:
- Fix for CVE-2011-0411: discard buffered plaintext input, after
  reading the SMTP STARTTLS command or response.
- Fix to the local delivery agent: look up the unextended address
  in the local aliases database, when that address has a malformed
  address extension.
- Fix to virtual alias expansion: report a tempfail error, instead of
  silently ignoring recipients that exceed the
  virtual_alias_expansion_limit or the virtual_alias_recursion_limit.
- Fix for BSD-ish mkdir() to prevent maildir directories from
  inheriting their group ownership from the parent directory.
- Fix to the SMTP client: missing support for mail to [ipv6:ipv6addr]
  address literal destinations.


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \
src/external/ibm-public/postfix/dist/HISTORY
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/makedefs
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/cleanup/cleanup_map1n.c
cvs rdiff -u -r1.1.1.2.2.4 -r1.1.1.2.2.5 \
src/external/ibm-public/postfix/dist/src/global/mail_version.h
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/local/recipient.c
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/master/master_sig.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/smtp/smtp_proto.c
cvs rdiff -u -r1.2.2.4 -r1.2.2.5 \
src/external/ibm-public/postfix/dist/src/smtpd/smtpd.c
cvs rdiff -u -r1.1.1.1.2.3 -r1.1.1.1.2.4 \
src/external/ibm-public/postfix/dist/src/util/host_port.c \
src/external/ibm-public/postfix/dist/src/util/make_dirs.c \
src/external/ibm-public/postfix/dist/src/util/watchdog.c
cvs rdiff -u -r1.1.1.1.2.4 -r1.1.1.1.2.5 \
src/external/ibm-public/postfix/dist/src/util/sys_defs.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/external/ibm-public/postfix/dist/HISTORY
diff -u src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.4 src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.5
--- src/external/ibm-public/postfix/dist/HISTORY:1.1.1.2.2.4	Fri Jan  7 01:23:55 2011
+++ src/external/ibm-public/postfix/dist/HISTORY	Thu Mar 24 19:54:07 2011
@@ -15730,6 +15730,18 @@
 	The last protocol change was in Postfix 2.1. File:
 	util/dict_open.c.
 
+20100422
+
+	Workaround (introduced: postfix-19990906 a.k.a. Postfix
+	0.8.0).  The Postfix local delivery agent did not properly
+	distinguish between address has no extension and address
+	has an extension, but the extension is invalid. In both
+	cases it would run only the full recipient local-part through
+	the alias maps.  Instead, it now drops the faulty extension
+	from the recipient address local-part (it would be too
+	error-prone to replace all tests for no extension by tests
+	for no valid extension.  File: local/recipient.c.
+
 20100515
 
 	Bugfix (introduced Postfix 2.6): the Postfix SMTP client
@@ -15816,3 +15828,59 @@
 	compliance. We now make an exception for final replies,
 	as permitted by RFC. Solution by Victor Duchovni. File:
 	smtpd/smtpd.c.
+
+20101201
+
+	Workaround: BSD-ish mkdir() ignores the effective GID and
+	copies group ownership from the parent directory.  File:
+	util/make_dirs.c.
+
+20101202
+
+	Cleanup: the cleanup server now reports a temporary delivery
+	error when it reaches the virtual_alias_expansion_limit or
+	virtual_alias_recursion_limit. Previously, it would silently
+	ignore the excess recipients and deliver the message.  File:
+	cleanup/cleanup_map1n.c.
+
+20110105
+
+	Bugfix (introduced with the Postfix TLS patch): discard
+	plaintext following the STARTTLS command or response. This
+	matters only for the minority of SMTP clients that actually
+	verify server certificates.  Files: smtpd/smtpd.c,
+	smtp/smtp_proto.c.
+
+	This vulnerability is also known as

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

CVS commit: [netbsd-5] src/external/ibm-public/postfix/dist

5 matches

Site Navigation

Mail list logo

Footer information