From patchwork Wed Sep 13 15:27:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7171 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Rm48c5sdzz3wtG for ; Wed, 13 Sep 2023 15:28:00 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Rm48b29S5zhS; Wed, 13 Sep 2023 15:27:59 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Rm48b14xjz2ydx; Wed, 13 Sep 2023 15:27:59 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Rm48Z1Vzmz2xrq for ; Wed, 13 Sep 2023 15:27:58 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Rm48Y3QM2zd6; Wed, 13 Sep 2023 15:27:57 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1694618877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=/F7AEik+URXsdWs1/orGxfsbglFJeNBYywybIQ9GtzI=; b=N1sUWrSlzgy6JSZQHHTe7HOyHcg5+WhELUWVAMaXd6AoNJ2lS1dXMZ0nMP0thl47OkhXIA m1Tc9jLAKFseoDBw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1694618877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=/F7AEik+URXsdWs1/orGxfsbglFJeNBYywybIQ9GtzI=; b=lXi7N3SmBXQjG+QQppqzEUwrwRRqSu9NHQ8ZpDvkJe4I1r+JM5aZ+raYMO+9Oe2iFhAVjU pix/ZaHcO3QZvZGFtyh/dAHc0sWG0qSHzb/TGQqD537s+ckw5vQI7Rw70ucroCH8JrpR6q T0iLVkiBOAUZEoJQXezbcvGqCm81kILyEm9SosejSvbl3BRMRjurZcoL0/HT9NwFqI76m9 63r1QYbu7sKTBKrj7XiWuFt9prbzrDCTZJMnr0lHnGomXeLpufMYuBUcmMqMP6M7ed1AeA 6N9Wm6iZ3bPs0til+s0+vw9kzYPs7SV0azSzw0A+UjScN0Du5sku0kBTDd3BdQ== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] postfix: Update to version 3.8.2 Date: Wed, 13 Sep 2023 17:27:54 +0200 Message-ID: <20230913152754.2680158-1-adolf.belka@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" - Update from version 3.8.1 to 3.8.2 - Update of rootfile not required - Changelog 3.8.2 Bugfix (defect introduced: Postfix alpha, 19980207): the valid_hostname() check in the Postfix DNS client library was blocking unusual but legitimate wildcard names (*.name) in some DNS lookup results and lookup requests. Examples: name class/type result *.one.example IN CNAME *.other.example *.other.example IN A 10.0.0.1 *.other.example IN TLSA ..certificate info... Such syntax is blesed in RFC 1034 section 4.3.3. Bugfix (defect introduced: Postfix 3.0, 20140218): when an address verification probe fails during or after an opportunistic TLS handshake, don't enforce a minimum time-in-queue before falling back to plaintext. Problem reported by Serg. Signed-off-by: Adolf Belka --- lfs/postfix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/postfix b/lfs/postfix index f2ae45007..532ec37ca 100644 --- a/lfs/postfix +++ b/lfs/postfix @@ -26,7 +26,7 @@ include Config SUMMARY = A fast, secure, and flexible mailer -VER = 3.8.1 +VER = 3.8.2 THISAPP = postfix-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = postfix -PAK_VER = 41 +PAK_VER = 42 DEPS = @@ -70,7 +70,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 83c043d6e74cbbf0c5d739838ff99d4905aa711b13483fe0f427956b962c432e6f76d9828b5c141260e210c9605ac260df950d273d5729c36666c935a3ed4518 +$(DL_FILE)_BLAKE2 = 233693e088901e8ed986e34d60b55fb6b786c37868095ab914e6049c5ad6aee09f07d3b5d1f2bec64d8570e215bb15196760d30074cd8ddfaeff3897ad117b81 install : $(TARGET)