author taca <taca@pkgsrc.org> 2021-11-08 13:58:09 +0000
committer taca <taca@pkgsrc.org> 2021-11-08 13:58:09 +0000
commit c954ee3fa75f430089be8a88d9ef2386a402f496
tree d3e417f684e6abd9d089ace58c0250566c5d3dab /mail
parent 729c8f9e911c46655767eaef06e44fe27a8584b4
mail/postfix: update to 3.6.3
Quote from release announce:

Fixed in Postfix 3.6.3, 3.5.13, 3.4.23, 3.3.20:

* (problem introduced in Postfix 2.4, released in 2007): queue file corruption after a Milter (for example, MIMEDefang) made a request to replace the message body with a copy of that message body plus additional text (for example, a SpamAssassin report).

  The most likely impacts were a) the queue manager reporting a fatal error resulting in email delivery delays, or b) the queue manager reporting the corruption and moving the message to the corrupt queue for damaged messages.

  However, a determined adversary could craft an email message that would trigger the bug, and insert into its queue file a content filter destination or a redirect email address. Postfix would then deliver the message headers there, in most cases without delivering the message body. With enough experimentation, an attacker could make Postfix deliver both the message headers and body.

  Some details of a successful attack depend on the Milter implementation, and on the Postfix and Milter configuration details; these can be determined remotely through experimentation. Failed experiments may be detected when the queue manager terminates with a fatal error, or when the queue manager moves damaged files to the "corrupt" queue as evidence.

  Technical details: when Postfix executes a "replace body" Milter request it will reuse queue file storage that was used by the existing email message body. If the new body is larger, Postfix will append body content to the end of the queue file. The corruption happened when a Milter (for example, MIMEDefang) made a request to replace the body of a message with a new body that contained a copy of the original body plus some new text, and the original body contained a line longer than $line_length_limit bytes (for example, an image encoded in base64 without hard or soft line breaks). In queue files, Postfix stores a long text line as multiple records with up to $line_length_limit bytes each. Unfortunately, Postfix's "replace body" support did not account for the additional queue file space needed to store the second etc. record headers. And thus, the last record(s) of a long text line could overwrite one or more queue file records immediately after the space that was previously occupied by the original message body.

  Problem report by Benoit Panizzon.

* (problem introduced in Postfix 2.10, released in 2012): The postconf "-x" option could produce incorrect output, because multiple functions were implicitly sharing a buffer for intermediate results. Problem report by raf, root cause analysis by Viktor Dukhovni.

* (problem introduced in Postfix 2.11, released in 2013): The check_ccert_access feature worked as expected, but produced a spurious warning when Postfix was built without SASL support. Fix by Brad Barden.

* Fix for a compiler warning due to a missing 'const' qualifier when compiling Postfix with OpenSSL 3. Depending on compiler settings this could cause the build to fail.

Fixed in Postfix 3.6:

* The known_tcp_ports settings had no effect. It also wasn't fully implemented. Problem report by Peter.

* Fix for missing space between a hostname and warning text.
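The accounting gap described under "Technical details" above, as an added example that is not part of the commit or of Postfix's source. It is a simplified model: the record layout (one type byte, a base-128 length field, then the payload) and all function names are assumptions made for illustration.

```python
"""Model: space a long body line needs once it is split into records,
versus an estimate that counts only one record header."""

LINE_LENGTH_LIMIT = 2048  # Postfix's documented default for $line_length_limit


def header_size(payload_len):
    """Assumed layout: one type byte plus a base-128 encoded length."""
    size = 2  # type byte + first length byte
    while payload_len >= 0x80:
        payload_len >>= 7
        size += 1
    return size


def split_line(line_len, limit=LINE_LENGTH_LIMIT):
    """Payload sizes of the records that store one text line."""
    if line_len == 0:
        return [0]
    full, rest = divmod(line_len, limit)
    return [limit] * full + ([rest] if rest else [])


def space_needed(line_len, limit=LINE_LENGTH_LIMIT):
    """Correct accounting: every record carries its own header."""
    return sum(header_size(n) + n for n in split_line(line_len, limit))


def space_single_header(line_len, limit=LINE_LENGTH_LIMIT):
    """Flawed accounting: only the first record's header is counted."""
    return header_size(split_line(line_len, limit)[0]) + line_len


def shortfall(line_len, limit=LINE_LENGTH_LIMIT):
    """Bytes written past the region the flawed estimate reserved."""
    return space_needed(line_len, limit) - space_single_header(line_len, limit)


if __name__ == "__main__":
    # Constructed line lengths: wrapped text, exactly at the limit,
    # just over it, and an unwrapped base64 blob.
    for n in (76, 2048, 2049, 5000, 100000):
        print(n, len(split_line(n)), shortfall(n))
```

Lines at or below the limit leave no shortfall in this model; the gap grows with each additional record, which is why only bodies containing very long unwrapped lines are affected.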
Diffstat (limited to 'mail')
-rw-r--r-- mail/postfix/Makefile 3
-rw-r--r-- mail/postfix/Makefile.common 4
-rw-r--r-- mail/postfix/distinfo 8
3 files changed, 7 insertions, 8 deletions
diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile
index f90a1f2429a..39f6264d75d 100644
--- a/mail/postfix/Makefile
+++ b/mail/postfix/Makefile
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.330 2021/08/29 21:04:55 khorben Exp $
+# $NetBSD: Makefile,v 1.331 2021/11/08 13:58:09 taca Exp $
-PKGREVISION= 2
.include "../../mail/postfix/Makefile.common"
COMMENT= Fast, easy to administer, and secure mail transfer agent
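Review bot: Dropping PKGREVISION here is right for a version bump, but the same check is missing for the packages that pull in Makefile.common through mail/postfix/Makefile.module, which its header comment names as a consumer. The diffstat for mail/ lists only three files, so any PKGREVISION those packages carry is left in place. Confirm none of them has one, or reset it in the same commit.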
diff --git a/mail/postfix/Makefile.common b/mail/postfix/Makefile.common
index 6fec255a1a5..4e77ddbc7ec 100644
--- a/mail/postfix/Makefile.common
+++ b/mail/postfix/Makefile.common
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile.common,v 1.37 2021/07/26 15:38:10 taca Exp $
+# $NetBSD: Makefile.common,v 1.38 2021/11/08 13:58:09 taca Exp $
# used by mail/postfix/Makefile
# used by mail/postfix/Makefile.module
-DISTNAME= postfix-3.6.2
+DISTNAME= postfix-3.6.3
CATEGORIES= mail
MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/
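Review bot: MASTER_SITES in the trailing context still fetches over ftp://, so the postfix-3.6.3 tarball selected by the new DISTNAME travels over an unauthenticated channel and the distinfo digests are the only thing binding it to upstream. Consider listing an HTTPS master site first if upstream provides one.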
diff --git a/mail/postfix/distinfo b/mail/postfix/distinfo
index 82e145c5db2..b3177533371 100644
--- a/mail/postfix/distinfo
+++ b/mail/postfix/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.198 2021/10/26 10:54:21 nia Exp $
+$NetBSD: distinfo,v 1.199 2021/11/08 13:58:09 taca Exp $
-BLAKE2s (postfix-3.6.2.tar.gz) = 76c630269f750be4665370df8a3a922a7ec1bedfe88e450140c975d8b415d863
-SHA512 (postfix-3.6.2.tar.gz) = 464ce9ec77e637ede91123472a0383b2bfda52102f9e9852c7191016d4fda2e14f302f2db9793887c182688c2a14dde6eeda728523196a627a8028f99555a4d9
-Size (postfix-3.6.2.tar.gz) = 4749530 bytes
+BLAKE2s (postfix-3.6.3.tar.gz) = 1ba19a223c40f45a0bf4e5994b2acba2ef6210ad7c524b72eb4adf7302446ce1
+SHA512 (postfix-3.6.3.tar.gz) = 7179aaeeaf27838b867d9a07f9a889d7cd6b7f5053e123caef4dff2820d4df6d5be167effedde6c857b4468966b8449c631e56405e1ac2d589716fb4e3f15e3b
+Size (postfix-3.6.3.tar.gz) = 4750833 bytes
SHA1 (patch-aa) = c8216f133e202a7bb37682b0dbc1448f021e7c1c
SHA1 (patch-ag) = feccf4aba580f581953b32e6c3a2c453fcb9131c
SHA1 (patch-ai) = b93d8b4e7a52e2c281cf0815ef2cf653c3cd7efa
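Review bot: The SHA1 (patch-aa), (patch-ag) and (patch-ai) context lines are unchanged, so none of the local patches was regenerated for 3.6.3; confirm they still apply cleanly to the new tarball and that none duplicates an upstream fix listed in the commit message. The new BLAKE2s and SHA512 values should also be compared against a copy of postfix-3.6.3.tar.gz whose upstream signature has been verified, and the commit message should say that this was done.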