Overview Repositories Revisions Requests Users Attributes Meta

Revisions of postfix

buildservice-autocommit accepted request 1180049 from Peter Varkoly's avatar Peter Varkoly (varkoly) (revision 488) 
baserev update by copy to link target
Peter Varkoly's avatar Peter Varkoly (varkoly) accepted request 1180009 from Adam Majer's avatar Adam Majer (adamm) (revision 487) 
- Set built-in path values to suse values (bsc#1215689)
buildservice-autocommit accepted request 1175398 from Christian Wittmer's avatar Christian Wittmer (computersalat) (revision 486) 
baserev update by copy to link target
buildservice-autocommit accepted request 1174920 from Peter Varkoly's avatar Peter Varkoly (varkoly) (revision 484) 
baserev update by copy to link target
Peter Varkoly's avatar Peter Varkoly (varkoly) committed (revision 483) 
- config.postfix needs updating (bsc#1224207)
  * chkconfig -> systemctl
  * Link Cyrus lmtp only if this exsists
  * /usr/lib64/sasl2 does not need to exist
  * Fetch timezone via readlink from /etc/localtime

- config.postfix needs updating (bsc#1224207)
  * chkconfig -> systemctl
  * Link Cyrus lmtp only if this exsists
  * /usr/lib64/sasl2 does not need to exist
  * Fetch timezone via readlink from /etc/localtime
buildservice-autocommit accepted request 1173989 from Dirk Stoecker's avatar Dirk Stoecker (dstoecker) (revision 482) 
baserev update by copy to link target
Dirk Stoecker's avatar Dirk Stoecker (dstoecker) accepted request 1156371 from Arjen de Korte's avatar Arjen de Korte (adkorte) (revision 481) 
- update to 3.9.0
  * As described in DEPRECATION_README, the SMTP server features
    "permit_naked_ip_address", "check_relay_domains", and
    "reject_maps_rbl" have been removed, after they have been logging
    a warning for some 20 years. These features now log a warning
    and return a "server configuration error" response.
  * The MySQL client no longer supports MySQL versions < 4.0. MySQL
    version 4.0 was released in 2003.
  * As covered in DEPRECATION_README, the configuration parameter
    "disable_dns_lookup" and about a dozen TLS-related parameters
    are now officially obsolete. These parameters still work, but
    the postconf command logs warnings that they will be removed
    from Postfix.
  * As covered in DEPRECATION_README, "permit_mx_backup" logs a
    warning that it will be removed from Postfix.
  * In message headers, Postfix now formats numerical days as
    two-digit days, i.e. days 1-9 have a leading zero instead of a
    leading space. This change was made because the RFC 5322 date
    and time specification recommends (i.e. SHOULD) that a single
    space be used in each place that folding white space appears.
    This change avoids a breaking change in the length of a date
    string.
  * The MySQL client default characterset is now configurable with
    the "charset" configuration file attribute. The default is
    "utf8mb4", consistent with the MySQL 8.0 built-in default, but
    different from earlier MySQL versions where the built-in default
    was "latin1".
  * Support to query MongoDB databases, contributed by Hamid Maadani,
    based on earlier code by Stephan Ferraro. See MONGODB_README
    and mongodb_table(5)
  * The RFC 3461 envelope ID is now exported in the local(8) delivery
    agent with the ENVID environment variable, and in the pipe(8)
    delivery agent with the ${envid} command-line attribute.
  * Configurable idle and retry timer settings in the mysql: and
    pgsql: clients. A shorter than default retry timer can sped up
    the recovery after error, when Postfix is configured with only
    one server in the "hosts" attribute. After the code was frozen
    for release, we have learned that Postfix can recover faster
    from some errors when the single server is specified multiple
    times in the "hosts" attribute.
  * Optional Postfix TLS support to request an RFC7250 raw public
    key instead of an X.509 public-key certificate. The configuration
    settings for raw key public support will be ignored when there
    is no raw public key support in the local TLS implementation
    (i.e. Postfix with OpenSSL versions before 3.2). See RELEASE_NOTES
    for more information.
  * Preliminary support for OpenSSL configuration files, primarily
    OpenSSL 1.1.1b and later. This introduces two new parameters
    "tls_config_file" and "tls_config_name", which can be used to
    limit collateral damage from OS distributions that crank up
    security to 11, increasing the number of plaintext email
    deliveries. Details are in the postconf(5) manpage under
    "tls_config_file" and "tls_config_name".
  * With "smtpd_forbid_unauth_pipelining = yes" (the default),
    Postfix defends against multiple "blind" SMTP attacks. This
    feature was back-ported to older stable releases but disabled
    by default.
  * With "smtpd_forbid_bare_newline = normalize" (the default)
    Postfix defends against SMTP smuggling attacks. See RELEASE_NOTES
    for details. This feature was back-ported to older stable
    releases but disabled by default.
  * Prevent outbound SMTP smuggling, where an attacker uses Postfix
    to send email containing a non-standard End-of-DATA sequence,
    to exploit inbound SMTP smuggling at a vulnerable remote SMTP
    server. With "cleanup_replace_stray_cr_lf = yes" (the default),
    the cleanup daemon replaces each stray <CR> or <LF> character
    in message content with a space character. This feature was
    back-ported to older stable releases with identical functionality.
  * The Postfix DNS client now limits the total size of DNS lookup
    results to 100 records; it drops the excess records, and logs
    a warning. This limit is 20x larger than the number of server
    addresses that the Postfix SMTP client is willing to consider
    when delivering mail, and is far below the number of records
    that could cause a tail recursion crash in dns_rr_append() as
    reported by Toshifumi Sakaguchi. This also introduces a similar
    limit on the number of DNS requests that a check_*_*_access
    restriction can make. All this was back-ported to older stable
    releases with identical functionality.
- refreshed patch:
  % postfix-no-md5.patch
- change obsoleted "disable_dns_lookups" to "smtp_dns_support_level"
  % postfix-SUSE.tar.gz
  % postfix-main.cf.patch
  % postfix-master.cf.patch
buildservice-autocommit accepted request 1166904 from Dirk Stoecker's avatar Dirk Stoecker (dstoecker) (revision 480) 
baserev update by copy to link target
Dirk Stoecker's avatar Dirk Stoecker (dstoecker) accepted request 1165385 from Georg Pfuetzenreuter's avatar Georg Pfuetzenreuter (crameleon) (revision 479) 
Move qshape(1) out of -doc, install it as a binary with the main package
buildservice-autocommit accepted request 1155598 from Christian Wittmer's avatar Christian Wittmer (computersalat) (revision 478) 
baserev update by copy to link target
Christian Wittmer's avatar Christian Wittmer (computersalat) accepted request 1155290 from Arjen de Korte's avatar Arjen de Korte (adkorte) (revision 477) 
- update to 3.8.6
  * Bugfix (defect introduced: Postfix 2.3, date 20051222): the
    Dovecot auth client did not reset the 'reason' from a previous
    Dovecot auth service response, before parsing the next Dovecot
    auth server response in the same SMTP session, resulting in a
    nonsensical "authentication failed" warning message. Reported
    by Stephan Bosch.
  * Bugfix (defect introduced: Postfix 3.1, date: 20151128):
    "postqueue -j" produced broken JSON when escaping a control
    character as \uXXXX. Found during code maintenance.
  * Cleanup: this fixes posttls-finger certificate match expectations
    for all TLS security levels, including warnings for levels that
    don't implement certificate matching. By Viktor Dukhovni.
  * Bugfix (defect introduced: Postfix 2.3): after prepending a
    header at the top of a message (with an access(5), header_checks(5)
    or Milter action), the Postfix Milter "delete header" or "update
    header" action was skipping the prepended header, instead of
    skipping the Postfix-generated Received: header. Problem report
    by Carlos Velasco.
  * Workaround: tlsmgr logfile spam. Reportedly, some OS lies under
    load: it says that a socket is readable, then it says that the
    socket has unread data, and then it says that read returns EOF,
    causing Postfix to spam the log with a warning message.
  * Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
    command handler could be tricked to read $message_size_limit
    bytes into memory. Found during code maintenance.
  * Safety: limit the total size of DNS lookup results to 100
    records; drop the excess records, and log a warning. This limit
    is 20x larger than the number of server addresses that the
    Postfix SMTP client is willing to consider when delivering mail,
    and is far below the number of records that could cause a tail
    recursion crash in dns_rr_append() as reported by Toshifumi
    Sakaguchi. This fix also limits the number of DNS requests that
    a check_*_*_access restriction can make.
  * Performance, related to the previous problem: eliminate worst-case
    behavior where the queue manager could defer delivery to all
    destinations over a specific delivery transport, after only a
    single delivery agent crash. The scheduler now throttles
    deliveries to one destination, and allows other deliveries to
    keep making progress.
- change to functioning mirror (http://cdn.postfix.johnriley.me/ 
  has been dead for a while although it is still listed upstream)
- make output of %setup less verbose by restoring -q option
Peter Varkoly's avatar Peter Varkoly (varkoly) committed (revision 476) 
- %autosetup does not works with multiple -a.
  https://github.com/rpm-software-management/rpm/issues/1204 

- %autosetup does not works with multiple -a.
  https://github.com/rpm-software-management/rpm/issues/1204
Peter Varkoly's avatar Peter Varkoly (varkoly) committed (revision 475) 
%autosetup does not works with muzltiple -a.
https://github.com/rpm-software-management/rpm/issues/1204
Peter Varkoly's avatar Peter Varkoly (varkoly) accepted request 1153300 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 474) 
- Use %autosetup macro. Allows to eliminate the usage of deprecated
  %patchN.

- Use %autosetup macro. Allows to eliminate the usage of deprecated
  %patchN.
buildservice-autocommit accepted request 1145294 from Christian Wittmer's avatar Christian Wittmer (computersalat) (revision 473) 
baserev update by copy to link target
Christian Wittmer's avatar Christian Wittmer (computersalat) accepted request 1143513 from Christian Wittmer's avatar Christian Wittmer (computersalat) (revision 472) 
rework fix for bsc#1192173, rework SMTP Smuggling defaults, sync main.cf patches, sync changes files
buildservice-autocommit accepted request 1141719 from Peter Varkoly's avatar Peter Varkoly (varkoly) (revision 471) 
baserev update by copy to link target
Peter Varkoly's avatar Peter Varkoly (varkoly) accepted request 1141039 from Arjen de Korte's avatar Arjen de Korte (adkorte) (revision 470) 
- update to 3.8.5
  * Security: this release improves support to defend against an email
    spoofing attack (SMTP smuggling) on recipients at a Postfix server.
    For background, see https://www.postfix.org/smtp-smuggling.html.

- update to 3.8.5
  * Security: this release improves support to defend against an email
    spoofing attack (SMTP smuggling) on recipients at a Postfix server.
    For background, see https://www.postfix.org/smtp-smuggling.html.
buildservice-autocommit accepted request 1139868 from Peter Varkoly's avatar Peter Varkoly (varkoly) (revision 469) 
baserev update by copy to link target
Displaying revisions 1 - 20 of 488
openSUSE Build Service is sponsored by
Places