Bug#925418: unblock: postfix/3.4.4-1

2019-03-28 Thread Niels Thykier 
Control: tags -1 confirmed moreinfo

Scott Kitterman:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package postfix
> 
> About the time we were switching to postfix 3.4 in Buster there were a series
> of bug reports/updates from upstream.  The first one (3.4.1 was caught in the
> transition from experimental to unstable/buster.  I decided to wait and see
> how things went upstream before uploading/asking for another unblock.
> 
> It looks like things have calmed down, so I'd like to get 3.4.4 into buster to
> address several bugs, two of which are significant.  Since this is a post-
> freeze bugfix update, I've taken to using the same level of detail in debian/
> changelog that I've used for the stretch pu uploads that we've been doing
> (3.1.6, 3.1.8, and 3.1.9).
> 
> These are all good bug fixes to have.  The broken DANE trust anchor file
> support is a serious regression in it's own right and the
> reject_multi_recipient_bounce bug, while not new, seems to be more frequent or
> more visible with BDAT.
> 
> Thanks for considering,
> 
> Scott K
> 
> unblock postfix/3.4.4-1
> 

Hi Scott,

Please go ahead with the 3.4.4-1 version and remove the moreinfo tag
when it is ready.

Thanks,
~Niels

Bug#925418: unblock: postfix/3.4.4-1

2019-03-25 Thread Scott Kitterman 
On Sun, 24 Mar 2019 16:04:02 -0400 Scott Kitterman  
wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package postfix
> 
> About the time we were switching to postfix 3.4 in Buster there were a 
series
> of bug reports/updates from upstream.  The first one (3.4.1 was caught in 
the
> transition from experimental to unstable/buster.  I decided to wait and see
> how things went upstream before uploading/asking for another unblock.
> 
> It looks like things have calmed down, so I'd like to get 3.4.4 into buster 
to
> address several bugs, two of which are significant.  Since this is a post-
> freeze bugfix update, I've taken to using the same level of detail in 
debian/
> changelog that I've used for the stretch pu uploads that we've been doing
> (3.1.6, 3.1.8, and 3.1.9).
> 
> These are all good bug fixes to have.  The broken DANE trust anchor file
> support is a serious regression in it's own right and the
> reject_multi_recipient_bounce bug, while not new, seems to be more frequent 
or
> more visible with BDAT.
> 
> Thanks for considering,
> 
> Scott K
> 
> unblock postfix/3.4.4-1

I've just realized that there is a Debian bug for the BDAT chunking bug 
(#925082).  I've adjusted it's severity appropriately and added it to debian/ 
changelog for the upload, so that's two Debian RC bugs this update fixes.

Scott K

Bug#925418: unblock: postfix/3.4.4-1

2019-03-24 Thread Scott Kitterman 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package postfix

About the time we were switching to postfix 3.4 in Buster there were a series
of bug reports/updates from upstream.  The first one (3.4.1 was caught in the
transition from experimental to unstable/buster.  I decided to wait and see
how things went upstream before uploading/asking for another unblock.

It looks like things have calmed down, so I'd like to get 3.4.4 into buster to
address several bugs, two of which are significant.  Since this is a post-
freeze bugfix update, I've taken to using the same level of detail in debian/
changelog that I've used for the stretch pu uploads that we've been doing
(3.1.6, 3.1.8, and 3.1.9).

These are all good bug fixes to have.  The broken DANE trust anchor file
support is a serious regression in it's own right and the
reject_multi_recipient_bounce bug, while not new, seems to be more frequent or
more visible with BDAT.

Thanks for considering,

Scott K

unblock postfix/3.4.4-1
diff -Nru postfix-3.4.1/debian/changelog postfix-3.4.4/debian/changelog
--- postfix-3.4.1/debian/changelog	2019-03-07 21:51:20.0 -0500
+++ postfix-3.4.4/debian/changelog	2019-03-24 15:35:12.0 -0400
@@ -1,3 +1,31 @@
+postfix (3.4.4-1) unstable; urgency=medium
+
+  [Wietse Venema]
+
+  * 3.4.2
+- Bugfix (introduced: 20181226): broken DANE trust anchor
+  file support, caused by left-over debris from the 20181226
+  TLS library overhaul. Scott Kitterman. File: tls/tls_dane.c.
+  Closes: #924183
+- Bugfix (introduced: Postfix-1.0.1): null pointer read, while
+  logging a warning after a corrupted bounce log file. File:
+  global/bounce_log.c.
+- Bugfix (introduced: Postfix-2.9.0): null pointer read, while
+  logging a warning after a postscreen_command_filter read
+  error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
+  * 3.4.3
+- Bitrot: LINUX5s support, after some sanity checks with a
+  rawhide prerelease version. Files: makedefs, util/sys_defs.h.
+  Closes: #922477
+  * 3.4.4
+- Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
+  has been producing false rejects starting with the Postfix
+  2.2 smtpd_end_of_data_restrictons, and for the same reasons,
+  does the same with the Postfix 3.4 BDAT command. The latter
+  was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
+
+ -- Scott Kitterman   Sun, 24 Mar 2019 15:28:00 -0400
+
 postfix (3.4.1-1) unstable; urgency=medium
 
   [Scott Kitterman]
diff -Nru postfix-3.4.1/HISTORY postfix-3.4.4/HISTORY
--- postfix-3.4.1/HISTORY	2019-03-07 19:08:17.0 -0500
+++ postfix-3.4.4/HISTORY	2019-03-14 19:57:12.0 -0400
@@ -24169,3 +24169,29 @@
 	the same filename for a private key and certificate. Reported
 	by Mike Kazantsev. Fix by Viktor Dukhovni. Wietse fixed the
 	test. Files: tls/tls_certkey.c, tls/Makefile.in.
+
+20190310
+
+	Bitrot: LINUX5s support, after some sanity checks with a
+	rawhide prerelease version. Files: makedefs, util/sys_defs.h.
+
+	Bugfix (introduced: 20181226): broken DANE trust anchor
+	file support, caused by left-over debris from the 20181226
+	TLS library overhaul. By intrigeri. File: tls/tls_dane.c.
+
+	Bugfix (introduced: Postfix-1.0.1): null pointer read, while
+	logging a warning after a corrupted bounce log file. File:
+	global/bounce_log.c.
+
+	Bugfix (introduced: Postfix-2.9.0): null pointer read, while
+	logging a warning after a postscreen_command_filter read
+	error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
+
+20190312
+
+	Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
+	has been producing false rejects starting with the Postfix
+	2.2 smtpd_end_of_data_restrictons, and for the same reasons,
+	does the same with the Postfix 3.4 BDAT command. The latter
+	was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
+
diff -Nru postfix-3.4.1/makedefs postfix-3.4.4/makedefs
--- postfix-3.4.1/makedefs	2019-02-10 18:11:21.0 -0500
+++ postfix-3.4.4/makedefs	2019-03-10 19:42:59.0 -0400
@@ -557,7 +557,7 @@
 		: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
 		: ${PLUGIN_LD="${CC-gcc} -shared"}
 		;;
-  Linux.[34].*)	SYSTYPE=LINUX$RELEASE_MAJOR
+ Linux.[345].*)	SYSTYPE=LINUX$RELEASE_MAJOR
 		case "$CCARGS" in
 		 *-DNO_DB*) ;;
 		 *-DHAS_DB*) ;;
diff -Nru postfix-3.4.1/src/global/bounce_log.c postfix-3.4.4/src/global/bounce_log.c
--- postfix-3.4.1/src/global/bounce_log.c	2014-12-06 20:35:33.0 -0500
+++ postfix-3.4.4/src/global/bounce_log.c	2019-03-10 17:08:20.0 -0400
@@ -264,7 +264,7 @@
 	recipient = cp + 1;
 	if ((cp = strstr(recipient, ">: ")) == 0) {
 	msg_warn("%s: malformed record: %.30s...",
-		 VSTREAM_PATH(bp->fp), cp);
+		 VSTREAM_PATH(bp->fp), recipient - 1);
 	continue;
 	}
 	*cp = 0;
diff -Nru postfix-3.4.1/src/global/mail_version.h postfix-3.4.4/src/global/mail_version.h