[An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-3.5.10.html]
The following fixes address null pointer bugs and a memory leak that have no potential for information loss or leaks, privilege escalation, or denial of service. Fixed in Postfix 3.4 and 3.5: * Missing null pointer checks (introduced in Postfix 3.4) after an internal I/O error during the smtp(8) to tlsproxy(8) handshake. Found by Coverity, reported by Jaroslav Skarvada. Based on a fix by Viktor Dukhovni. Fixed in all supported Postfix releases: * Null pointer bug (introduced in Postfix 3.0) and memory leak (introduced in Postfix 3.4) after an inline: table syntax error in main.cf or master.cf. Found by Coverity, reported by Jaroslav Skarvada. Based on a fix by Viktor Dukhovni. * Incomplete null pointer check (introduced: Postfix 2.10) after truncated HaProxy version 1 handshake message. Found by Coverity, reported by Jaroslav Skarvada. Fix by Viktor Dukhovni. * Missing null pointer check (introduced: Postfix alpha) after null argv[0] value. You can find the updated Postfix source code at the mirrors listed at http://www.postfix.org/. Wietse