-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 09 Mar 2024 10:38:51 -0500 Source: postfix Binary: postfix postfix-cdb postfix-cdb-dbgsym postfix-dbgsym postfix-ldap postfix-ldap-dbgsym postfix-lmdb postfix-lmdb-dbgsym postfix-mysql postfix-mysql-dbgsym postfix-pcre postfix-pcre-dbgsym postfix-pgsql postfix-pgsql-dbgsym postfix-sqlite postfix-sqlite-dbgsym Architecture: armel Version: 3.5.25-0+deb11u1 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-ubc-04) Changed-By: Scott Kitterman Description: postfix - High-performance mail transport agent postfix-cdb - CDB map support for Postfix postfix-ldap - LDAP map support for Postfix postfix-lmdb - LMDB map support for Postfix postfix-mysql - MySQL map support for Postfix postfix-pcre - PCRE map support for Postfix postfix-pgsql - PostgreSQL map support for Postfix postfix-sqlite - SQLite map support for Postfix Changes: postfix (3.5.25-0+deb11u1) bullseye; urgency=medium . [Wietse Venema] . * 3.5.25 - Bugfix (defect introduced: Postfix 2.3, date 20051222): the Dovecot auth client did not reset the 'reason' from a previous Dovecot auth service response, before parsing the next Dovecot auth server response in the same SMTP session. Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c. - Cleanup: Postfix SMTP server response with an empty authentication failure reason. File: smtpd/smtpd_sasl_glue.c. - Bugfix (defect introduced: Postfix 3.1, date: 20151128): "postqueue -j" produced broken JSON when escaping a control character as \uXXXX. Found during code maintenance. File: postqueue/showq_json.c. - Cleanup: posttls-finger certificate match expectations for all TLS security levels, including warnings for levels that don't implement certificate matching. Viktor Dukhovni. File: posttls-finger.c. - Bugfix (defect introduced: Postfix 2.3): after prepending a message header with a Postfix access table PREPEND action, a Milter request to delete or update an existing header could have no effect, or it could target the wrong instance of an existing header. Root cause: the fix dated 20141018 for the Postfix Milter client was incomplete. The client did correctly hide the first, Postfix-generated, Received: header when sending message header information to a Milter with the smfi_header() application callback function, but it was still hiding the first header (instead of the first Received: header) when handling requests from a Milter to delete or update an existing header. Problem report by Carlos Velasco. This change was verified to have no effect on requests from a Milter to add or insert a header. File: cleanup/cleanup_milter.c. - Workaround: tlsmgr logfile spam. Some OS lies under load: it says that a socket is readable, then it says that the socket has unread data, and then it says that read returns EOF, causing Postfix to spam the log with a warning message. File: tlsmgr/tlsmgr.c. - Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT command handler could be tricked to read $message_size_limit bytes into memory. Found during code maintenance. File: smtpd/smtpd.c. - Performance: eliminate worst-case behavior where the queue manager defers delivery to all destinations over a specific delivery transport, after only a single delivery agent failure. The scheduler now throttles one destination, and allows deliveries to other destinations to keep making progress. Files: *qmgr/qmgr_deliver.c. - Safety: drop and log over-size DNS responses resulting in more than 100 records. This 20x larger than the number of server addresses that the Postfix SMTP client is willing to consider when delivering mail, and is well below the number of records that could cause a tail recursion crash in dns_rr_append() as reported by Toshifumi Sakaguchi. This also limits the number of DNS requests from check_*_*_access restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c, dns/test_dns_lookup.c, posttls-finger/posttls-finger.c, smtp/smtp_addr.c, smtpd/smtpd_check.c. Checksums-Sha1: 4583acb4f147781919a8b8872ca16ba4d41bf8ab 9980 postfix-cdb-dbgsym_3.5.25-0+deb11u1_armel.deb 650690f0ad022bfed078f7d8584d3c86dd2e9f4f 364116 postfix-cdb_3.5.25-0+deb11u1_armel.deb 0191fae4e9a5176b8fd363468aff7dad66c26365 2012788 postfix-dbgsym_3.5.25-0+deb11u1_armel.deb d9db54ccc24d1a02a8164d186f1f5a250559aae0 20864 postfix-ldap-dbgsym_3.5.25-0+deb11u1_armel.deb 6efee6bb051bd7d632915044d6c5f31727476b60 381660 postfix-ldap_3.5.25-0+deb11u1_armel.deb ad575d0b47de3150fed64985b709e18dccd85c7d 18364 postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armel.deb 81383eabf36d588ba7f4787b0fce5fc6b251bb36 368920 postfix-lmdb_3.5.25-0+deb11u1_armel.deb 4fbfa168c8878926966a4dfbdfe94cccf865ccc9 23584 postfix-mysql-dbgsym_3.5.25-0+deb11u1_armel.deb 76f7e6a242afaf7634063f6228a322c8c75a8164 373468 postfix-mysql_3.5.25-0+deb11u1_armel.deb c623e13876e6c8683d40ee42af5ac434dca198fb 13844 postfix-pcre-dbgsym_3.5.25-0+deb11u1_armel.deb 428300585fe9cc793716a49e7a1e553dc6dd77a9 369480 postfix-pcre_3.5.25-0+deb11u1_armel.deb b2fae90ac7612931cd7563079d15de6b025639e6 13308 postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armel.deb 42913fc66e19bfb20fe9b1bc0ed27e80c54d8045 371464 postfix-pgsql_3.5.25-0+deb11u1_armel.deb a9cc629ece928a025081a5885a5a8858e220122d 7740 postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armel.deb 1ac6f9e96ed582390fcc6cb989dfb92033c3ddd0 367732 postfix-sqlite_3.5.25-0+deb11u1_armel.deb a0488fb0f2055236519b4d725aaf2aecdaebf8a0 12063 postfix_3.5.25-0+deb11u1_armel-buildd.buildinfo 551e5181297e43d32e1ba91aa1a4d97e35fc7012 1456068 postfix_3.5.25-0+deb11u1_armel.deb Checksums-Sha256: 0208a041322a00d0f461762777d7bdf6b05f0303a1d7d9e245bf71f8c1bc4277 9980 postfix-cdb-dbgsym_3.5.25-0+deb11u1_armel.deb 7e4e6c09552e80b7b931b60d4e72ea837aa11d130058f7f3b318aaecc4f43dac 364116 postfix-cdb_3.5.25-0+deb11u1_armel.deb 4d8b0b6b6c08f7eed009dd2fcfe305225bb2177182368c2962d3cc8cb67970f9 2012788 postfix-dbgsym_3.5.25-0+deb11u1_armel.deb bdd2c1589b445a89c1bbec2dcab3030abe672ec46244bfc7e5c58332ed2ae153 20864 postfix-ldap-dbgsym_3.5.25-0+deb11u1_armel.deb 212daea5cdf3e0558c7892784bda8007150592a7c058c07792d6aa0ba191d876 381660 postfix-ldap_3.5.25-0+deb11u1_armel.deb e6cd82cded38c8550272139a3cbf1c206b09b0f2f84f851cbf4053c4a048debb 18364 postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armel.deb ecde15af0c791c61593265798967f0fec88f0ee4edc54e2eb8e1feed5061b431 368920 postfix-lmdb_3.5.25-0+deb11u1_armel.deb 62347619c57ce112e097d5d06d1beee95c06ed0b1ded2a45017575c0b28676b1 23584 postfix-mysql-dbgsym_3.5.25-0+deb11u1_armel.deb a1b0da9b6ad0a080a7819f6b34c59899e6d37165e27494cbab236730f17b537e 373468 postfix-mysql_3.5.25-0+deb11u1_armel.deb e373a46e4a343d1d1c3e79cc41a93ce2fb9c2d41c4710e795567e4750a687538 13844 postfix-pcre-dbgsym_3.5.25-0+deb11u1_armel.deb a4d46803cbe7ecf586d633633290fb5af18b3a90f2fc0690f605b57bf1a0f547 369480 postfix-pcre_3.5.25-0+deb11u1_armel.deb 365b366a1b9feb8b63ed0d1673853b00de1a0a4d3ef7fc47e0ff41178f7bf904 13308 postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armel.deb e27182847a2ef792cc0951ea33722e9d9f01ee42a5b5999e592a7247196047dc 371464 postfix-pgsql_3.5.25-0+deb11u1_armel.deb 1e80fa97d65afde29847fe53fee7ccc064ed39518c94e6f104c95ee036a6c824 7740 postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armel.deb f8686f690418ddf13866ecd4e241c8bc687ec5c761e131d71839fc131523d855 367732 postfix-sqlite_3.5.25-0+deb11u1_armel.deb 7926fc8a1c1231b7d7e8c497751b06c8be3db70591de10746bb7615a6acc332d 12063 postfix_3.5.25-0+deb11u1_armel-buildd.buildinfo 6a8623718225ac6c27da607819aba9e09bf0cf7759ef239c124e30fa81f12e53 1456068 postfix_3.5.25-0+deb11u1_armel.deb Files: 63f81589863c7a73b339560b39913519 9980 debug optional postfix-cdb-dbgsym_3.5.25-0+deb11u1_armel.deb b542f9f860def8e99bc2eb0adc52801a 364116 mail optional postfix-cdb_3.5.25-0+deb11u1_armel.deb dadb78d782e5b750dff6fffca718bcf9 2012788 debug optional postfix-dbgsym_3.5.25-0+deb11u1_armel.deb 9a125e5a49b9caf9ec073f83a27477c4 20864 debug optional postfix-ldap-dbgsym_3.5.25-0+deb11u1_armel.deb a4376afb3f56a14c10d17e8bbf660965 381660 mail optional postfix-ldap_3.5.25-0+deb11u1_armel.deb 5cc5cfff40760abb4d33aa8174cee6eb 18364 debug optional postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armel.deb e84877832cc2d50f8343f7c830e941ae 368920 mail optional postfix-lmdb_3.5.25-0+deb11u1_armel.deb 3695bb2730c32a76921b4e2f3f3d4e54 23584 debug optional postfix-mysql-dbgsym_3.5.25-0+deb11u1_armel.deb 117346d3fdca9fb1249c740c68aa1dee 373468 mail optional postfix-mysql_3.5.25-0+deb11u1_armel.deb e425d6f1920122abb85a7e819d6ef89b 13844 debug optional postfix-pcre-dbgsym_3.5.25-0+deb11u1_armel.deb a92b638f01150e6455480dad24d9032c 369480 mail optional postfix-pcre_3.5.25-0+deb11u1_armel.deb f6d3510ab35f5cfd02a4ecaa790078ca 13308 debug optional postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armel.deb 5d3287df4f99a34958a1a09a1f036e0d 371464 mail optional postfix-pgsql_3.5.25-0+deb11u1_armel.deb 70d8bda3d96adab6b03740e6ec5f3eb9 7740 debug optional postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armel.deb afa715abf62b12913afa53279bd2856d 367732 mail optional postfix-sqlite_3.5.25-0+deb11u1_armel.deb c80063bcb342d9a59a3b88a5a15352d4 12063 mail optional postfix_3.5.25-0+deb11u1_armel-buildd.buildinfo 44274bfeab36eba1c1bdfefb9531eb31 1456068 mail optional postfix_3.5.25-0+deb11u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEhIjlhCbW26iJ+mP42f5Ql/MVJ7kFAmYm0h0ACgkQ2f5Ql/MV J7mYgQ//f1hf3VfACGKX3CzsFNe/SIP0LIUFufyYNZW0iUvTXJ9nRdWMy5eTri76 6lyZo1BTjoxCdqe6ofcQLj9yaTXAT6iEH6jYQreAbclu5Zol6rHk35472pRzEBoA Ptb/pd9m+9LtVqS1Dr4j7mOyfSlq4I4qqH8/HjNCmVofVyZcINhUTEYJBIS6ZOI1 BZo3rQnXmxTyBkUi6UJY6O27Yt7W8R2zoaELiFIACKe2LYhwEsuCQp812ZD5fQ77 2S5fGv85z0601MsPVHAzKlCFJyLxx9fP0hNm6eL3JkOJ1l1vkPVcLVGvfuEumz1p +5zWFkmQ5tQVxGnB00ha9+A/IRRWKORcT70JIJByCHJN4TaHfUa33lXyNnqMgt0H mPvpKIeTXsVX7rSPE87aCVpunxBj9q6g05D1064CiIScqORKTA/UyFMiCJfc11KV F6OAo27NSKsRWZBGz0JGdy4GE68qMQf6iUZb/6BRs3Smp79MwzYAhiCs2V1ePghS Re53H7gFipNd9unVAWiMl5xwQTYIPVmeirbhKkLVMKA8nWwQ+ch8RIGozQd2PjcN f2s7r11akuSeEIf0CFdmQb2RaCBeu7qk2kFq8XuW/1r4c657/cFy9QXhcuZ9MeCK Jlj1LC7dlTSPzoai7tVpnVxHAE2MIOLiLfCaTyzgivrSEQ8Sd6E= =yC0Q -----END PGP SIGNATURE-----