Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postfix for openSUSE:Factory checked in at 2024-12-22 17:58:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postfix (Old) and /work/SRC/openSUSE:Factory/.postfix.new.1881 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postfix" Sun Dec 22 17:58:59 2024 rev:246 rq:1232867 version:3.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/postfix/postfix-bdb.changes 2024-09-25 21:52:39.382697340 +0200 +++ /work/SRC/openSUSE:Factory/.postfix.new.1881/postfix-bdb.changes 2024-12-22 17:59:09.331326615 +0100 @@ -1,0 +2,35 @@ +Thu Dec 5 19:05:33 UTC 2024 - Arjen de Korte <suse+bu...@de-korte.org> + +- update to 3.9.1 + * The mail_version configuration parameter did not have a three-number + value (3.9 instead of 3.9.0; it still had the two-number version + from the development releases postfix-3.9-yyyymmdd). This broke + pathnames derived from the mail_version value, such as + shlib_directory. + * Bugfix (defect introduced: Postfix 2.9, date 20111218): with + "smtpd_sasl_auth_enable = no", the permit_sasl_authenticated feature + ignored information that was received with the XCLIENT LOGIN + command, so that the client was treated as unauthenticated. This was + fixed by removing an unnecessary test. + * Bugfix (defect introduced: postfix 3.0): the default master.cf + syslog_name setting for the relay service did not preserve + multi-instance information, which complicated logfile analysis. + * Bugfix (defect introduced: Postfix 2.3, date 20051222): file + descriptor leak after failure to connect to a Dovecot auth server. + The impact is limited because Dovecot auth failures are rare, there + are limits on the number of retries (one), on the number of errors + per SMTP session (smtpd_hard_error_limit), on the number of sessions + per SMTP server process (max_use), and on the number of file handles + per process (managed with sysctl). + * Bugfix (defect introduced: Postfix 3.4, date 20190121): the + postsuper command failed with "open logfile '/path/to/file': + Permission denied" when the maillog_file parameter specified a + filename and Postfix was not running. This was fixed by opening the + maillog_file before dropping root privileges. + * Bugfix (defect introduced Postfix 3.0). No autodetection of UTF8 + text when missing message headers were automatically added by + Postfix (for example, a From: header with UTF8 full name information + from the password file). This caused Postfix to send UTF8 in message + headers without using the SMTPUTF8 protocol. + +------------------------------------------------------------------- postfix.changes: same change Old: ---- postfix-3.9.0.tar.gz postfix-3.9.0.tar.gz.asc New: ---- postfix-3.9.1.tar.gz postfix-3.9.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix-bdb.spec ++++++ --- /var/tmp/diff_new_pack.suMIxY/_old 2024-12-22 17:59:10.087357665 +0100 +++ /var/tmp/diff_new_pack.suMIxY/_new 2024-12-22 17:59:10.091357829 +0100 @@ -59,7 +59,7 @@ %endif %bcond_without ldap Name: postfix-bdb -Version: 3.9.0 +Version: 3.9.1 Release: 0 Summary: A fast, secure, and flexible mailer License: EPL-2.0 OR IPL-1.0 ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.suMIxY/_old 2024-12-22 17:59:10.135359636 +0100 +++ /var/tmp/diff_new_pack.suMIxY/_new 2024-12-22 17:59:10.135359636 +0100 @@ -46,7 +46,7 @@ %endif %bcond_without ldap Name: postfix -Version: 3.9.0 +Version: 3.9.1 Release: 0 Summary: A fast, secure, and flexible mailer License: EPL-2.0 OR IPL-1.0 @@ -525,8 +525,8 @@ %config(noreplace) %{_sysconfdir}/%{name}/sasl_passwd %config(noreplace) %{_sysconfdir}/%{name}/sender_canonical %config(noreplace) %{_sysconfdir}/%{name}/virtual -%ghost %{_sysconfdir}/%{name}/*.lmdb -%ghost %{_sysconfdir}/aliases.lmdb +%ghost %attr(0644,root,root) %{_sysconfdir}/%{name}/*.lmdb +%ghost %attr(0644,root,root) %{_sysconfdir}/aliases.lmdb %dir %{_sysconfdir}/sasl2 %config(noreplace) %{_sysconfdir}/sasl2/smtpd.conf %exclude %{_sysconfdir}/%{name}/LICENSE ++++++ postfix-3.9.0.tar.gz -> postfix-3.9.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/HISTORY new/postfix-3.9.1/HISTORY --- old/postfix-3.9.0/HISTORY 2024-03-05 21:31:19.000000000 +0100 +++ new/postfix-3.9.1/HISTORY 2024-12-04 19:24:37.000000000 +0100 @@ -27973,3 +27973,53 @@ Documentation: in the master.cf documentation, added text for "quoting" a command-line argument that starts with "{". File: proto/master. + +20240831 + + Bugfix: Postfix 3.9.0 did not have a three-number mail_version + value (it still had the two-number version from + postfix-3.9-yyyymmdd). Michael Orlitzky. Files: + global/mail_version.h, mantools/check-snapshot-nonprod. + +20240930 + + Bugfix (defect introduced: Postfix 2.9, date 20111218): + with "smtpd_sasl_auth_enable = no", info received with + XCLIENT LOGIN was ignored by permit_sasl_authenticated. + The fix was to remove a test and to rely solely on the + sasl_mechanism property which is null when a remote SMTP + client is not authenticated. File: src/smtpd/smtpd_check.c. + +20241021 + + Bugfix (defect introduced: postfix 3.0): the default master.cf + syslog_name setting for the relay service did not preserve + multi-instance information. File: conf/master.cf. + +20241027 + + Bugfix (defect introduced: Postfix 2.3, date 20051222): + file descriptor leak after failure to connect to a Dovecot + auth server. The impact is limited because there are limits + on the number of retries (one), on the number of errors per + SMTP session (smtpd_hard_error_limit), on the number + of sessions per SMTP server process (max_use), and on the + number file handles per process (managed with sysctl). + File: xsasl/xsasl_dovecot_server.c. + +20241122 + + Bugfix (defect introduced: Postfix 3.4, date 20190121): the + postsuper command failed with "open logfile 'xxx': Permission + denied" when the maillog_file parameter specified a filename + and Postfix was not running. This was fixed by opening the + maillog_file before dropping root privileges. Files: + util/msg_logger.c, global/maillog_client.c. + +20241201 + + Bugfix (defect introduced Postfix 3.0). Missing UTF8 + autodetection for headers that are automatically generated + by Postfix (for example, a From: header with UTF8 full name + information from the password file). Reported by Michael + Tokarev. File: src/cleanup/cleanup_message.c. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/conf/master.cf new/postfix-3.9.1/conf/master.cf --- old/postfix-3.9.0/conf/master.cf 2022-10-23 18:52:38.000000000 +0200 +++ new/postfix-3.9.1/conf/master.cf 2024-12-04 18:51:19.000000000 +0100 @@ -67,7 +67,7 @@ proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp - -o syslog_name=postfix/$service_name + -o syslog_name=${multi_instance_name?{$multi_instance_name}:{postfix}}/$service_name # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/mantools/check-snapshot-nonprod new/postfix-3.9.1/mantools/check-snapshot-nonprod --- old/postfix-3.9.0/mantools/check-snapshot-nonprod 2024-01-24 21:41:46.000000000 +0100 +++ new/postfix-3.9.1/mantools/check-snapshot-nonprod 2024-12-04 18:49:48.000000000 +0100 @@ -9,5 +9,8 @@ echo "Error: stable release builds with -DSNAPSHOT" 1>&2, exit 1; } grep 'CCARGS.*-DNONPROD' conf/makedefs.out && { echo "Error: stable release builds with -DNONPROD" 1>&2, exit 1; } + mail_version=$(sh postfix-env.sh bin/postconf -h mail_version) || exit 1 + test "postfix-$mail_version" = "$version" || { + echo "Error: version '$mail_version' in src/global/mail_version.h does not match version in pathname '$(env - pwd)'" 1>&2; exit 1; } ;; esac diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/cleanup/cleanup_message.c new/postfix-3.9.1/src/cleanup/cleanup_message.c --- old/postfix-3.9.0/src/cleanup/cleanup_message.c 2024-01-10 00:25:36.000000000 +0100 +++ new/postfix-3.9.1/src/cleanup/cleanup_message.c 2024-12-04 19:23:36.000000000 +0100 @@ -723,8 +723,9 @@ vstring_sprintf(state->temp1, "%s.%s@%s", time_stamp, state->queue_id, var_myhostname); } - cleanup_out_format(state, REC_TYPE_NORM, "%sMessage-Id: <%s>", - state->resent, vstring_str(state->temp1)); + vstring_sprintf(state->temp2, "%sMessage-Id: <%s>", + state->resent, vstring_str(state->temp1)); + cleanup_out_header(state, state->temp2); msg_info("%s: %smessage-id=<%s>", state->queue_id, *state->resent ? "resent-" : "", vstring_str(state->temp1)); @@ -741,8 +742,9 @@ if ((state->hdr_rewrite_context || var_always_add_hdrs) && (state->headers_seen & (1 << (state->resent[0] ? HDR_RESENT_DATE : HDR_DATE))) == 0) { - cleanup_out_format(state, REC_TYPE_NORM, "%sDate: %s", + vstring_sprintf(state->temp2, "%sDate: %s", state->resent, mail_date(state->arrival_time.tv_sec)); + cleanup_out_header(state, state->temp2); } /* @@ -805,7 +807,7 @@ vstring_sprintf(state->temp2, "%sFrom: %s", state->resent, vstring_str(state->temp1)); } - CLEANUP_OUT_BUF(state, REC_TYPE_NORM, state->temp2); + cleanup_out_header(state, state->temp2); } /* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/global/mail_version.h new/postfix-3.9.1/src/global/mail_version.h --- old/postfix-3.9.0/src/global/mail_version.h 2024-03-06 17:05:08.000000000 +0100 +++ new/postfix-3.9.1/src/global/mail_version.h 2024-12-04 19:43:24.000000000 +0100 @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20240306" -#define MAIL_VERSION_NUMBER "3.9" +#define MAIL_RELEASE_DATE "20241204" +#define MAIL_VERSION_NUMBER "3.9.1" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/global/maillog_client.c new/postfix-3.9.1/src/global/maillog_client.c --- old/postfix-3.9.0/src/global/maillog_client.c 2023-09-16 16:53:44.000000000 +0200 +++ new/postfix-3.9.1/src/global/maillog_client.c 2024-12-04 19:22:35.000000000 +0100 @@ -120,6 +120,7 @@ static void maillog_client_logwriter_fallback(const char *text) { static int fallback_guard = 0; + static VSTREAM *fp; /* * Guard against recursive calls. @@ -129,10 +130,20 @@ * logfile. All we can do is to hope that stderr logging will bring out * the bad news. */ - if (fallback_guard == 0 && var_maillog_file && *var_maillog_file - && logwriter_one_shot(var_maillog_file, text, strlen(text)) < 0) { - fallback_guard = 1; - msg_fatal("logfile '%s' write error: %m", var_maillog_file); + if (fallback_guard++ == 0 && var_maillog_file && *var_maillog_file) { + if (text == 0 && fp != 0) { + (void) vstream_fclose(fp); + fp = 0; + } + if (fp == 0) { + fp = logwriter_open_or_die(var_maillog_file); + close_on_exec(vstream_fileno(fp), CLOSE_ON_EXEC); + } + if (text && (logwriter_write(fp, text, strlen(text)) != 0 || + vstream_fflush(fp) != 0)) { + msg_fatal("logfile '%s' write error: %m", var_maillog_file); + } + fallback_guard = 0; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/smtpd/smtpd_check.c new/postfix-3.9.1/src/smtpd/smtpd_check.c --- old/postfix-3.9.0/src/smtpd/smtpd_check.c 2024-03-02 22:43:21.000000000 +0100 +++ new/postfix-3.9.1/src/smtpd/smtpd_check.c 2024-12-04 18:50:07.000000000 +0100 @@ -4674,13 +4674,11 @@ cpp[1], CHECK_RELAY_DOMAINS); } else if (strcasecmp(name, PERMIT_SASL_AUTH) == 0) { #ifdef USE_SASL_AUTH - if (smtpd_sasl_is_active(state)) { - status = permit_sasl_auth(state, - SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO); - if (status == SMTPD_CHECK_OK) - status = smtpd_acl_permit(state, name, SMTPD_NAME_CLIENT, - state->namaddr, NO_PRINT_ARGS); - } + status = permit_sasl_auth(state, + SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO); + if (status == SMTPD_CHECK_OK) + status = smtpd_acl_permit(state, name, SMTPD_NAME_CLIENT, + state->namaddr, NO_PRINT_ARGS); #endif } else if (strcasecmp(name, PERMIT_TLS_ALL_CLIENTCERTS) == 0) { status = permit_tls_clientcerts(state, 1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/util/msg_logger.c new/postfix-3.9.1/src/util/msg_logger.c --- old/postfix-3.9.0/src/util/msg_logger.c 2020-05-04 00:19:27.000000000 +0200 +++ new/postfix-3.9.1/src/util/msg_logger.c 2024-12-04 19:22:35.000000000 +0100 @@ -59,6 +59,9 @@ /* Override the fallback setting (see above) with the specified /* function pointer. This remains in effect until the next /* msg_logger_init() or msg_logger_control() call. +/* When the function is called with a null argument, it should +/* allocate resources immediately. This is needed in programs +/* that drop privileges after process initialization. /* .IP CA_MSG_LOGGER_CTL_DISABLE /* Disable the msg_logger. This remains in effect until the /* next msg_logger_init() call. @@ -320,6 +323,9 @@ msg_logger_disconnect(); if (MSG_LOGGER_NEED_SOCKET()) msg_logger_connect(); + if (msg_logger_sock == MSG_LOGGER_SOCK_NONE + && msg_logger_fallback_fn) + msg_logger_fallback_fn((char *) 0); break; default: msg_panic("%s: bad name %d", myname, name); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/postfix-3.9.0/src/xsasl/xsasl_dovecot_server.c new/postfix-3.9.1/src/xsasl/xsasl_dovecot_server.c --- old/postfix-3.9.0/src/xsasl/xsasl_dovecot_server.c 2023-11-02 15:08:18.000000000 +0100 +++ new/postfix-3.9.1/src/xsasl/xsasl_dovecot_server.c 2024-12-04 19:21:30.000000000 +0100 @@ -297,6 +297,7 @@ (unsigned int) getpid()); if (vstream_fflush(sasl_stream) == VSTREAM_EOF) { msg_warn("SASL: Couldn't send handshake: %m"); + (void) vstream_fclose(sasl_stream); return (-1); } success = 0;