-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 09 Mar 2024 10:38:51 -0500 Source: postfix Binary: postfix postfix-cdb postfix-cdb-dbgsym postfix-dbgsym postfix-ldap postfix-ldap-dbgsym postfix-lmdb postfix-lmdb-dbgsym postfix-mysql postfix-mysql-dbgsym postfix-pcre postfix-pcre-dbgsym postfix-pgsql postfix-pgsql-dbgsym postfix-sqlite postfix-sqlite-dbgsym Architecture: armhf Version: 3.5.25-0+deb11u1 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-ubc-05) Changed-By: Scott Kitterman Description: postfix - High-performance mail transport agent postfix-cdb - CDB map support for Postfix postfix-ldap - LDAP map support for Postfix postfix-lmdb - LMDB map support for Postfix postfix-mysql - MySQL map support for Postfix postfix-pcre - PCRE map support for Postfix postfix-pgsql - PostgreSQL map support for Postfix postfix-sqlite - SQLite map support for Postfix Changes: postfix (3.5.25-0+deb11u1) bullseye; urgency=medium . [Wietse Venema] . * 3.5.25 - Bugfix (defect introduced: Postfix 2.3, date 20051222): the Dovecot auth client did not reset the 'reason' from a previous Dovecot auth service response, before parsing the next Dovecot auth server response in the same SMTP session. Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c. - Cleanup: Postfix SMTP server response with an empty authentication failure reason. File: smtpd/smtpd_sasl_glue.c. - Bugfix (defect introduced: Postfix 3.1, date: 20151128): "postqueue -j" produced broken JSON when escaping a control character as \uXXXX. Found during code maintenance. File: postqueue/showq_json.c. - Cleanup: posttls-finger certificate match expectations for all TLS security levels, including warnings for levels that don't implement certificate matching. Viktor Dukhovni. File: posttls-finger.c. - Bugfix (defect introduced: Postfix 2.3): after prepending a message header with a Postfix access table PREPEND action, a Milter request to delete or update an existing header could have no effect, or it could target the wrong instance of an existing header. Root cause: the fix dated 20141018 for the Postfix Milter client was incomplete. The client did correctly hide the first, Postfix-generated, Received: header when sending message header information to a Milter with the smfi_header() application callback function, but it was still hiding the first header (instead of the first Received: header) when handling requests from a Milter to delete or update an existing header. Problem report by Carlos Velasco. This change was verified to have no effect on requests from a Milter to add or insert a header. File: cleanup/cleanup_milter.c. - Workaround: tlsmgr logfile spam. Some OS lies under load: it says that a socket is readable, then it says that the socket has unread data, and then it says that read returns EOF, causing Postfix to spam the log with a warning message. File: tlsmgr/tlsmgr.c. - Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT command handler could be tricked to read $message_size_limit bytes into memory. Found during code maintenance. File: smtpd/smtpd.c. - Performance: eliminate worst-case behavior where the queue manager defers delivery to all destinations over a specific delivery transport, after only a single delivery agent failure. The scheduler now throttles one destination, and allows deliveries to other destinations to keep making progress. Files: *qmgr/qmgr_deliver.c. - Safety: drop and log over-size DNS responses resulting in more than 100 records. This 20x larger than the number of server addresses that the Postfix SMTP client is willing to consider when delivering mail, and is well below the number of records that could cause a tail recursion crash in dns_rr_append() as reported by Toshifumi Sakaguchi. This also limits the number of DNS requests from check_*_*_access restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c, dns/test_dns_lookup.c, posttls-finger/posttls-finger.c, smtp/smtp_addr.c, smtpd/smtpd_check.c. Checksums-Sha1: e4501dd08bbfd1a9058d1b07ed984b5bf24bab8b 10100 postfix-cdb-dbgsym_3.5.25-0+deb11u1_armhf.deb c203161898018611c28a2d4ca402bc3055b31939 364076 postfix-cdb_3.5.25-0+deb11u1_armhf.deb c44e6fdd91bb410cce5f3bf8593b510545015b9d 2041260 postfix-dbgsym_3.5.25-0+deb11u1_armhf.deb e19c6a97813b59cc6206e8f361d82c73880119a8 21248 postfix-ldap-dbgsym_3.5.25-0+deb11u1_armhf.deb eb00d348426d96b3ed7573f5bf018dbb9882ef9d 381864 postfix-ldap_3.5.25-0+deb11u1_armhf.deb ff5205e92bb301a127fa9dbc90561c1791bb5b18 18408 postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armhf.deb 61a61c59d8bb09f610423a19fc889dcb6f3641e9 368892 postfix-lmdb_3.5.25-0+deb11u1_armhf.deb 8713f47e53f4f253c02395f36730712ee802802d 23416 postfix-mysql-dbgsym_3.5.25-0+deb11u1_armhf.deb 95056bc2893cdeb4f7212c959d2aeb9e33700565 371660 postfix-mysql_3.5.25-0+deb11u1_armhf.deb cead4a0cca543df35ef70ea29879c397be39cc73 13868 postfix-pcre-dbgsym_3.5.25-0+deb11u1_armhf.deb e8a8988356162b6484b812e2cdeb5d659086109e 369352 postfix-pcre_3.5.25-0+deb11u1_armhf.deb 8e1ed3943e10c98b455bd0bef4e3c7397ca738db 13316 postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armhf.deb 7b2ac1010c1fa0ade6081814ce5facec708c2784 370416 postfix-pgsql_3.5.25-0+deb11u1_armhf.deb 033047b1838aaee7f0f3624fbdd273bdd1b02dbe 7844 postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armhf.deb 3fc602ed48b4a308a80264d886328671eea0340f 367704 postfix-sqlite_3.5.25-0+deb11u1_armhf.deb 6ea8654150c27f8ce0b7aefe1f2c16f6046f32a9 12068 postfix_3.5.25-0+deb11u1_armhf-buildd.buildinfo a20807baf10dcd377f3d72d5c28263f102c4835a 1476396 postfix_3.5.25-0+deb11u1_armhf.deb Checksums-Sha256: 00c27c9ebd910584f2e444679c30a371541a28542d5187089ddd27955ee73660 10100 postfix-cdb-dbgsym_3.5.25-0+deb11u1_armhf.deb 1b6d96cccc519fa68fbe7abcfed3991518834f8f384cd3dc85c43ce594bc71ec 364076 postfix-cdb_3.5.25-0+deb11u1_armhf.deb 25637e1a135e028dd2229369cd500efa2e24303e5632a2d927c012c52c45e144 2041260 postfix-dbgsym_3.5.25-0+deb11u1_armhf.deb 79b11ad302ddb28e25db86d59bfcd21cf145a20be1865d86a629481a5f9fc3a4 21248 postfix-ldap-dbgsym_3.5.25-0+deb11u1_armhf.deb 387c84010055487845dd86531a103244ee085baf1b11f74f5102aa465d318ecd 381864 postfix-ldap_3.5.25-0+deb11u1_armhf.deb 49933fb910897a4409c9d1a1917b88a39873a0e8b5d1aa365205b85a15e8fed3 18408 postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armhf.deb a40de0a95d880417eb5f561cafb2a6492432aa018db9038a95195290a5f30c95 368892 postfix-lmdb_3.5.25-0+deb11u1_armhf.deb 896eb2538bd221eb6f260f8382dc41ae57d58442ce9534b6fb8e7e87b7eb56a2 23416 postfix-mysql-dbgsym_3.5.25-0+deb11u1_armhf.deb 66720b6526e0fe5d6e6194b392e9b0149652ff678a14d611b718b25f4187f69a 371660 postfix-mysql_3.5.25-0+deb11u1_armhf.deb e91f24b62555d11ad31854dedaab180a908e652e54111b5da1ae3c44a8c3dde7 13868 postfix-pcre-dbgsym_3.5.25-0+deb11u1_armhf.deb 59c74b38dce51b461eb659b4ebd19498a394c6f03f266093b6c190b311759107 369352 postfix-pcre_3.5.25-0+deb11u1_armhf.deb e25fa1da9a930ae04370d89cfbcf38a7d9ceb55eaf5a2601a79179447c216d59 13316 postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armhf.deb 5e30b2f86e6f5dd9278ed129469db5beccc9e53ce6bfa1a5246a268dd246a8fb 370416 postfix-pgsql_3.5.25-0+deb11u1_armhf.deb 1770f8fe7a68d525afc914673f59b3997c549f0865af97e4e579a90f392eca9a 7844 postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armhf.deb b821490767140a0b91a3b01495c6d05b6db60df85ce9d80af021d8a9d88bf33e 367704 postfix-sqlite_3.5.25-0+deb11u1_armhf.deb 1dbf30cedb3f37c1206c179b5f681fd154eeeb6a6b74274f511a9e4e99582c13 12068 postfix_3.5.25-0+deb11u1_armhf-buildd.buildinfo 227154fecdc35b104a542f8da386121a88c1d19c0a5b6e80609d1152bad35d06 1476396 postfix_3.5.25-0+deb11u1_armhf.deb Files: e0ced6da030814e8f70112f154245cce 10100 debug optional postfix-cdb-dbgsym_3.5.25-0+deb11u1_armhf.deb a3b41df10b7cb42f6bdadc957ebcccbd 364076 mail optional postfix-cdb_3.5.25-0+deb11u1_armhf.deb 84ebea05dcb5196aa00febd829f129c1 2041260 debug optional postfix-dbgsym_3.5.25-0+deb11u1_armhf.deb 7bbfe1571594562abce511062934fca0 21248 debug optional postfix-ldap-dbgsym_3.5.25-0+deb11u1_armhf.deb db0966f0ccabbfa603b33161cc7069d9 381864 mail optional postfix-ldap_3.5.25-0+deb11u1_armhf.deb 2954a103d56f1dfffdc81606c7023960 18408 debug optional postfix-lmdb-dbgsym_3.5.25-0+deb11u1_armhf.deb 387ec800be1d7e2c32959b67753d4778 368892 mail optional postfix-lmdb_3.5.25-0+deb11u1_armhf.deb a5e35449ff214e97a6850ceb5208d334 23416 debug optional postfix-mysql-dbgsym_3.5.25-0+deb11u1_armhf.deb 46efcb18da20c9026414c15c32399c8f 371660 mail optional postfix-mysql_3.5.25-0+deb11u1_armhf.deb 4ead773d97febd05d1c5dc89b1d08f10 13868 debug optional postfix-pcre-dbgsym_3.5.25-0+deb11u1_armhf.deb ac8391abb44eaf844bccc5663cbeb861 369352 mail optional postfix-pcre_3.5.25-0+deb11u1_armhf.deb e7e47a705d9cea653625df21951a2913 13316 debug optional postfix-pgsql-dbgsym_3.5.25-0+deb11u1_armhf.deb 544f521e24f8efc114e51c829a7b94be 370416 mail optional postfix-pgsql_3.5.25-0+deb11u1_armhf.deb d6c24d74613d14aea4dfa657522adb44 7844 debug optional postfix-sqlite-dbgsym_3.5.25-0+deb11u1_armhf.deb 358b9557c121d4e76ae88b0b36f0000b 367704 mail optional postfix-sqlite_3.5.25-0+deb11u1_armhf.deb c7b4bf30e361b90a49d92ba009f2baba 12068 mail optional postfix_3.5.25-0+deb11u1_armhf-buildd.buildinfo 519ebec4e23de95ed61272c47f707aab 1476396 mail optional postfix_3.5.25-0+deb11u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEiIhsyZ7bTtoONs0yzW4+LN9obe4FAmYm0XwACgkQzW4+LN9o be4NaA//a+yj/+5ZsvaTN+uxDOuGqoatnmZ7/F3PTYHxP2C08zQfRQoWzMlhjgzV GAxizL0xQZMFjh6iU5FZ+nIxBFYqNXq/Ie7G3y1QegkqJruH5JrTXdIKsez99jAr 3VwiaFuu+w0EUD+YjEaiYZ0dpGGxSPxJ9jNx2sW1I/82MEbJ27XmnmNk1IBAzxoO cGB3tGAny0ZoG5GRFH25+ezn9v6nWLBoP2bvzBbYwgbv4Hm6s6wwHsvH8YcZ79LH bEVmZfBncFKPrQz4gSB/V3KFSiO3mKg6cFA+PtqD1hCY/2VhiEbfnMwVYJ201TeU PsX1VE3O3TeKfx1m/NaBPBBKjWUNYBFTf/C7hT8sVvHvktCgGUtv+hZlo8VslIoS uVVC6C982sTfsUtDFq7erdPGDALlq659ScCakI04Xi6RfLcGnasrp1TBHah4tEpI Nv/5pL37ZgxeTONRLVrkyQ+DI3mFfgC+q3idGj+g4rjN3LuPygeXihMCzNIG9JKe GqMnsbt0sPu9558rKClUeLtVO5Cd4Ut6KTu++FTOu9f9coNYVaPmdOQA15T2G0kt RQoY8oBKmaWsc6YDDNCc6vHBrSUsqWQzpORaIHlPn9i7GBxzA/a+wWRY3WGX8MYm SZQjVCU8cvl6hHGgNvcgxdUY4zj4wPND7rAfCFG9xx23a2QpyJQ= =qDyM -----END PGP SIGNATURE-----