Hello community, here is the log from the commit of package postfix for openSUSE:Factory checked in at 2015-02-16 07:36:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postfix (Old) and /work/SRC/openSUSE:Factory/.postfix.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix" Changes: -------- --- /work/SRC/openSUSE:Factory/postfix/postfix.changes 2015-02-06 10:53:23.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.postfix.new/postfix.changes 2015-02-16 07:36:17.000000000 +0100 @@ -1,0 +2,21 @@ +Mon Feb 9 18:01:38 UTC 2015 - [email protected] + +- upstream update postfix 2.11.4: + +Postfix 2.11.4 only: + +* Fix a core dump when smtp_policy_maps specifies an invalid TLS + level. + +* Fix a missing " in \%s\", in postconf(1) fatal error messages, + which violated the C language spec. Reported by Iain Hibbert. + +All supported releases: + +* Stop excessive recursion in the cleanup server while recovering + from a virtual alias expansion loop. Problem found at Two Sigma. + +* Stop exponential memory allocation with virtual alias expansion + loops. This came to light after fixing the previous problem. + +------------------------------------------------------------------- Old: ---- postfix-2.11.3.tar.gz New: ---- postfix-2.11.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.EZQ3uJ/_old 2015-02-16 07:36:18.000000000 +0100 +++ /var/tmp/diff_new_pack.EZQ3uJ/_new 2015-02-16 07:36:18.000000000 +0100 @@ -52,7 +52,7 @@ %define _unitdir /lib/systemd %endif Name: postfix -Version: 2.11.3 +Version: 2.11.4 Release: 0 Summary: A fast, secure, and flexible mailer License: IPL-1.0 ++++++ postfix-2.11.3.tar.gz -> postfix-2.11.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/HISTORY new/postfix-2.11.4/HISTORY --- old/postfix-2.11.3/HISTORY 2014-10-20 00:11:34.000000000 +0200 +++ new/postfix-2.11.4/HISTORY 2015-02-09 00:12:22.000000000 +0100 @@ -19618,3 +19618,26 @@ Cleanup: revert the workaround that places headers inserted with PREPEND actions or policy requests BELOW Postfix's own Received: message header. File: smtpd/smtpd.c. + +20141025 + + Bugfix (introduced: Postfix 2.11): core dump when + smtp_policy_maps specifies an invalid TLS level. Viktor + Dukhovni. File: smtp/smtp_tls_policy.c. + +20150106 + + Robustness: don't segfault due to excessive recursion after + a faulty configuration runs into the virtual_alias_recursion_limit. + File: global/tok822_tree.c. + +20150115 + + Safety: stop aliasing loops that exponentially increase the + address length with each iteration. Back-ported from Postfix + 3.0. File: cleanup/cleanup_map1n.c. + +20150117 + + Cleanup: missing " in \%s\" in postconf(1) fatal error + messages. Iain Hibbert. File: postconf/postconf_master.c. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/src/cleanup/cleanup_map1n.c new/postfix-2.11.4/src/cleanup/cleanup_map1n.c --- old/postfix-2.11.3/src/cleanup/cleanup_map1n.c 2013-11-12 18:53:03.000000000 +0100 +++ new/postfix-2.11.4/src/cleanup/cleanup_map1n.c 2015-02-08 23:48:16.000000000 +0100 @@ -139,6 +139,15 @@ if ((lookup = mail_addr_map(maps, STR(state->temp1), propagate)) != 0) { saved_lhs = mystrdup(argv->argv[arg]); for (i = 0; i < lookup->argc; i++) { + if (strlen(lookup->argv[i]) > var_line_limit) { + msg_warn("%s: unreasonable %s result %.300s... -- " + "message not accepted, try again later", + state->queue_id, maps->title, lookup->argv[i]); + state->errs |= CLEANUP_STAT_DEFER; + UPDATE(state->reason, "4.6.0 Alias expansion error"); + UNEXPAND(argv, addr); + RETURN(argv); + } unquote_822_local(state->temp1, lookup->argv[i]); if (i == 0) { UPDATE(argv->argv[arg], STR(state->temp1)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/src/global/mail_version.h new/postfix-2.11.4/src/global/mail_version.h --- old/postfix-2.11.3/src/global/mail_version.h 2014-10-20 00:12:15.000000000 +0200 +++ new/postfix-2.11.4/src/global/mail_version.h 2015-02-09 00:17:36.000000000 +0100 @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20141019" -#define MAIL_VERSION_NUMBER "2.11.3" +#define MAIL_RELEASE_DATE "20150208" +#define MAIL_VERSION_NUMBER "2.11.4" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/src/global/tok822_tree.c new/postfix-2.11.4/src/global/tok822_tree.c --- old/postfix-2.11.3/src/global/tok822_tree.c 2000-11-20 19:05:32.000000000 +0100 +++ new/postfix-2.11.4/src/global/tok822_tree.c 2015-01-06 18:51:58.000000000 +0100 @@ -259,11 +259,12 @@ TOK822 *tok822_free_tree(TOK822 *tp) { - if (tp) { - if (tp->next) - tok822_free_tree(tp->next); + TOK822 *next; + + for (/* void */; tp != 0; tp = next) { if (tp->head) tok822_free_tree(tp->head); + next = tp->next; tok822_free(tp); } return (0); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/src/postconf/postconf_master.c new/postfix-2.11.4/src/postconf/postconf_master.c --- old/postfix-2.11.3/src/postconf/postconf_master.c 2013-12-20 01:56:45.000000000 +0100 +++ new/postfix-2.11.4/src/postconf/postconf_master.c 2015-01-22 15:10:53.000000000 +0100 @@ -273,7 +273,7 @@ for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) { cp = argv->argv[field]; if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0) - pcf_fix_fatal("invalid %s field \%s\" in \"%s\"", + pcf_fix_fatal("invalid %s field \"%s\" in \"%s\"", pcf_str_field_pattern(field), cp, raw_text); } @@ -282,12 +282,12 @@ if (len > 0 && cp[len - 1] == '?') len--; if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len) - pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \%s\" in \"%s\"", + pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \"%s\" in \"%s\"", cp, raw_text); cp = argv->argv[PCF_MASTER_FLD_MAXPROC]; if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0) - pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \%s\" in \"%s\"", + pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \"%s\" in \"%s\"", cp, raw_text); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-2.11.3/src/smtp/smtp_tls_policy.c new/postfix-2.11.4/src/smtp/smtp_tls_policy.c --- old/postfix-2.11.3/src/smtp/smtp_tls_policy.c 2014-03-03 20:53:26.000000000 +0100 +++ new/postfix-2.11.4/src/smtp/smtp_tls_policy.c 2014-10-25 21:22:55.000000000 +0200 @@ -516,9 +516,11 @@ switch (site_level) { default: tls->level = site_level; + /* FALLTHROUGH */ case TLS_LEV_NOTFOUND: break; case TLS_LEV_INVALID: + tls->level = site_level; return ((void *) tls); } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
