-
postfix (3.4.23-0+deb10u1) buster; urgency=medium
[Scott Kitterman]
* Refresh patches
* Update d/p/70_postfix-check.diff to exclude makedefs.out from synlink
check. Closes: #926331
* Do not override user set default_transport in postinst. Closes: #988538
* Add information about keeping resolv.conf up to date in the chroot with
the resolvconf package. Closes: #964762
[Sergio Gelato]
* Correct if-up.d to not error out if postfix can't send mail yet.
Closes: #959864
[Paride Legovini]
* d/postfix.postinst: tolerate search domain with a leading dot.
Closes: #991950
[Wietse Venema]
* 3.4.15
- Bugfix (introduced: Postfix 3.0): minor memory leaks in the
Postfix TLS library, found during tests. File: tls/tls_misc.c.
- Bugfix (introduced: Postfix 3.0): 4kbyte per session memory
leak in the Postfix TLS library, found during tests. File:
tls/tls_misc.c.
- Workaround for distros that override Postfix protocol
settings in a system-wide OpenSSL configuration file, causing
interoperability problems after an OS update. File:
tls/tls_client.c, tls/tls_server.c.
* 3.4.16
- Bugfix (introduced: Postfix 3.4.15): part of a memory leak
fix was backported to the wrong place. File: tls/tls_misc.c.
- The Postfix 3.4.15 workaround did not explictly override
the system-wide OpenSSL configuration of allowed TLS protocol
versions, for sessions where the remote SMTP client sends
SNI. It's better to be safe than sorry. File: tls/tls_server.c.
* 3.4.17
- Bugfix (introduced: Postfix 3.4, already fixed in Postfix
3.6): tlsproxy(8) was using the wrong DANE macro for
connections with DANE trust anchors or with non-DANE trust
anchors (WTF: Thorsten Habich found this bug in the use
case that has nothing to do with DANE). This resulted in a
global certificate verify function pointer race, between
TLS handshakes that use TLS trust achors and handshakes
that use PKI. No memory was corrupted in the course of all
this. Viktor Dukhovni. File: tlsproxy/tlsproxy.c.
- Cleanup: the posttls-finger '-X' option reported a false
conflict with '-r'. File: posttls-finger/posttls-finger.c.
* 3.4.18
- Bugfix (introduced: Postfix 2.0): smtp_sasl_mechanism_filter
ignored table lookup errors, treating them as 'not found'.
Found during Postfix 3.6 development. File: smtp/smtp_sasl_proto.c.
- Bugfix (introduced: Postfix 2.3): when deleting a recipient
with a milter, delete the recipient from the duplicate
filter, so that the recipient can be added back. Backported
from Postfix 3.6. Files: global/been_here.[hc],
cleanup/cleanup_milter.c.
- Bugfix (introduced: before Postfix alpha): the code that
looks for Delivered-To: headers ignored headers longer than
$line_length_limit. Backported from Postfix 3.6. File:
global/delivered_hdr.c.
- Bugfix (introduced: Postfix 2.8): save a copy of the
postscreen_dnsbl_reply_map lookup result. This has no effect
when the recommended texthash: look table is used, but it
may avoid stale data with other lookup tables. File:
postscreen/postscreen_dnsbl.c.
- Bugfix (introduced: Postfix 2.2): after processing an
XCCLIENT command, the smtps service was waiting for a TLS
handshake. Found by Aki Tuomi. File: smtpd/smtpd.c.
- Bugfix (introduced: Postfix 2.3): static maps did not free
their casefolding buffer. File: util/dict_static.c.
* 3.4.19
- Feature: when a Postfix program makes a DNS query that
requests DNSSEC validation (usually for Postfix DANE support)
but the DNS response is not DNSSEC validated, Postfix will
send a DNS query configured with the "dnssec_probe" parameter
to determine if DNSSEC support is available, and logs a
warning if it is not. By default, the probe has type "ns"
and domain name ".". The probe is sent once per process
lifetime. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_sec.c,
test_dns_lookup.c, global/mail_params.[hc], mantools/postlink.
- The default "smtp_tls_dane_insecure_mx_policy = dane" was
causing unnecessary dnssec_probe activity. The default is now
"dane" when smtp_tls_security_level is "dane", otherwise it is
"may". File: global/mail_params.h.
* 3.4.20
- Missing null pointer checks (introduced: Postfix 3.4) after
an internal I/O error during the smtp(8) to tlsproxy(8)
handshake. Found by Coverity, reported by Jaroslav Skarvada.
Based on fix by Viktor Dukhovni. File: tls/tls_proxy_client_scan.c.
- Null pointer bug (introduced: Postfix 3.0) and memory leak
(introduced: Postfix 3.4) after an inline: table syntax
error in main.cf or master.cf. Found by Coverity, reported
by Jaroslav Skarvada. Based on fix by Viktor Dukhovni. File:
util/dict_inline.c.
- Incomplete null pointer check (introduced: Postfix 2.10)
after truncated HaProxy version 1 handshake message. Found
by Coverity, reported by Jaroslav Skarvada. Fix by Viktor
Dukhovni. File: global/haproxy_srvr.c.
- Missing null pointer check (introduced: Postfix alpha) after
null argv[0] value. File: global/mail_task.c.
* 3.4.21
- Bugfix (introduced: Postfix 2.11): the command "postmap
lmdb:/file/name" handled duplicate keys ungracefully,
discarding entries stored up to and including the duplicate
key, and causing a double free() call with lmdb versions
0.9.17 and later. Reported by Adi Prasaja; double free()
root cause analysis by Howard Chu. File: util/slmdb.c.
- Typo (introduced: Postfix 3.4): silent_discard should be
silent-discard. File: proto/BDAT_README.html.
- Support for Postfix 3.6 compatibility_level syntax, to avoid
fatal runtime errors when rolling back from Postfix 3.6 to
an earlier supported version, or when sharing Postfix 3.6
configuration files with an earlier supported Postfix
version. File: global/mail_params.c.
* 3.4.22
- Bugfix (introduced: Postfix 3.4): the texthash: map
implementation did not support "postmap -F" behavior.
Reported by Christopher Gurnee, who also found the missing
code in the postmap source. File: util/dict_thash.c.
- Bugfix (introduced: 1999, Postfix 2.11) latent false "Result too
large" (ERANGE) errors because an strtol() call had no 'errno
= 0' statement before the call. Back-ported from Postfix 3.6.
Files: postscreen/postscreen_tests.c, util/mac_expand.c.
- Bugfix (introduced: Postfix 3.3): "null pointer read" error
in the cleanup daemon when "header_from_format = standard"
(the default as of Postfix 3.3) and email was submitted
with /usr/sbin/sendmail without From: header, and an all-space
full name was specified in 1) the password file, 2) with
"sendmail -F", or 3) with the NAME environment variable.
Found by Renaud Metrich. File: cleanup/cleanup_message.c.
(Closes: #968057)
- Bugfix (introduced: 1999): the Postfix SMTP server was
sending all session transcripts to the error_notice_recipient,
instead of sending transcripts of bounced mail to the
bounce_notice_recipient. File: smtpd/smtpd_chat.c.
- Bugfix (introduced: Postfix 2.4): false "too many reverse
jump" warnings in the showq daemon. The loop detection code
was comparing memory addresses instead of queue file names.
It now properly compares strings. Reported by Mehmet Avcioglu.
File: global/record.c.
* 3.4.23
- Bitrot: OpenSSL 3.x requires const. File: tls/tls_misc.c.
- Bugfix (bug introduced: Postfix 2.10): postconf -x produced
incorrect output, because different functions were implicitly
sharing a buffer for intermediate results. Reported
by raf, root cause analysis by Viktor Dukhovni. File:
postconf/postconf_builtin.c.
- Bugfix (problem introduced: Postfix 2.11): check_ccert_access
worked as expected, but produced a spurious warning when
Postfix was built without SASL support. Fix by Brad Barden.
File: smtpd/smtpd_check.c.
- Bugfix (introduced: Postfix 2.4): queue file corruption
after a Milter (for example, MIMEDefang) made a request to
replace the message body with a copy of that message body
plus additional text (for example, a SpamAssassin report).
The most likely impacts were a) the queue manager reporting
a fatal error resulting in email delivery delays, or b) the
queue manager reporting the corruption and moving the message
to the corrupt queue for damaged messages.
However, a determined adversary could craft an email message
that would trigger the bug, and insert a content filter
destination or a redirect email address into its queue file.
Postfix would then deliver the message headers there, in
most cases without delivering the message body. With enough
experimentation, an attacker could make Postfix deliver
both the message headers and body.
The details of a successful attack depend on the Milter
implementation, and on the Postfix and Milter configuration
details; these can be determined remotely through
experimentation. Failed experiments may be detected when
the queue manager terminates with a fatal error, or when
the queue manager moves damaged files to the "corrupt" queue
as evidence.
Technical details: when Postfix executes a "replace body"
Milter request it will reuse queue file storage that was
used by the existing email message body. If the new body
is larger, Postfix will append body content to the end of
the queue file. The corruption happened when a Milter (for
example, MIMEDefang) made a request to replace the body of
a message with a new body that contained a copy of the
original body plus some new text, and the original body
contained a line longer than $line_length_limit bytes (for
example, an image encoded in base64 without hard or soft
line breaks). In queue files, Postfix stores a long text
line as multiple records with up to $line_length_limit bytes
each. Unfortunately, Postfix's "replace body" support did
not account for the additional queue file space needed to
store the second etc. record headers. And thus, the last
record(s) of a long text line could overwrite one or more
queue file records immediately after the space that was
previously occupied by the original message body.
Problem report by Benoît Panizzon.
* Fix duplicate bounce_notice_recipient entries in postconf output.
Closes: #999694
[Andreas Hasenack]
* Fix autopkgtest so it works and uses python3
-- Scott Kitterman <email address hidden> Fri, 07 Jan 2022 11:04:17 -0500
-
postfix (3.4.14-0+deb10u1) buster; urgency=medium
[Cody Brownstein]
* README.Debian corrections:
- Fix instructions wrt SMTP generic mapping
- Fix authentication configuration example
[Scott Kitterman]
* Updated debian/watch to track postfix 3.4 series for stable updates
* Check GPG signature when downloading new versions via uscan
[Wietse Venema]
* 3.4.11
- No changes that affect Debian 10 (Buster)
* 3.4.12
- Bugfix: segfault in the tlsproxy client role when the server
role was disabled. This typically happens on systems that
do not receive mail, after configuring connection reuse for
outbound TLS. Found during program maintenance. File:
tlsproxy/tlsproxy.c.
- Bugfix (introduced: Postfix 3.4): maillog_file_rotate_suffix
default value used the minute instead of the month. Reported
by Larry Stone. Files: conf/postfix-tls-script,
proto/MAILLOG_README.html, proto/postconf.proto.
global/mail_params.h, postfix/postfix.c.
- Bitrot: avoid U_FILE_ACCESS_ERROR after chroot(), by
initializing the ICU library before making the chroot()
call. Files: util/midna_domain.[hc], global/mail_params.c.
- Noise suppression: avoid "SSL_Shutdown:shutdown while in
init" warnings. File: tls/tls_session.c.
- Bugfix (introduced: Postfix 2.2): a TLS error for a PostgreSQL
client caused a false 'lost connection' error for an SMTP
over TLS session in the same Postfix process. Reported by
Alexander Vasarab, diagnosed by Viktor Dukhovni. File:
tls/tls_bio_ops.c.
- Bugfix (introduced: Postfix 2.8): a TLS error for one TLS
session may cause a false 'lost connection' error for a
concurrent TLS session in the same tlsproxy process. File:
tlsproxy/tlsproxy.c.
* 3.4.13
- Bugfix (introduced: Postfix 3.1): "postfix tls deploy-server-cert"
did not handle a missing optional argument. File:
conf/postfix-tls-script.
- Bugfix (introduced: Postfix 3.4): in the Postfix SMTP server,
the SNI callback reported an error when it was called a
second time. This happened after the server-side TLS engine
sent a TLSv1.3 HelloRetryRequest (HRR) to a remote SMTP
client. Reported by Ján Máté, fixed by Viktor Dukhovni.
File: tls/tls_misc.c.
* 3.4.14
- Bugfix (introduced: Postfix 3.4): the connection_reuse
attribute in smtp_tls_policy_maps resulted in an "invalid
attribute name" error. Fix by Thorsten Habich. File:
smtp/smtp_tls_policy.c.
- Bugfix (introduced: Postfix 3.4): SMTP over TLS connection
reuse was broken for configurations that use explicit trust
anchors. Reported by Thorsten Habich. Cause: the tlsproxy
client was sending a zero certificate length. File:
tls/tls_proxy_client_print.c.
- Bugfix (introduced: Postfix 3.4): SMTP over TLS connection
reuse was broken for configurations that use explicit trust
anchors. Reported by Thorsten Habich. Fixed by calling DANE
initialization unconditionally (WTF). File: tlsproxy/tlsproxy.c.
- Bugfix (introduced: Postfix 2.11): The Postfix smtp(8)
client did not send the right SNI name when the TLSA base
domain was a secure CNAME expansion of the MX hostname (or
non-MX nexthop domain). Domains with CNAME expanded MX hosts
are not conformant with RFC5321, and so are rare. Even more
rare are MX hosts with TLSA records for their CNAME expansion.
For this to matter, the remote SMTP server would also have
to select its certificate based on the SNI name in such a
way that the original MX host would yield a different
certificate. Among the ~2 million hosts in the DANE survey,
none meet the conditions for returning a different certificate
for the expanded CNAME. Therefore, sending the correct SNI
name should not break existing mail flows. Fixed by Viktor
Dukhovni. File: src/tls/tls_client.c.
-- Scott Kitterman <email address hidden> Mon, 29 Jun 2020 21:33:31 -0400
-
postfix (3.4.10-0+deb10u1) buster; urgency=medium
[Wietse Venema]
* 3.4.10
- Bugfix (introduced: Postfix 2.3): panic with Postfix
multi-Milter configuration during MAIL FROM. Milter client
state was not properly reset after one of the Milters failed.
Reported by WeiYu Wu.
-- Scott Kitterman <email address hidden> Mon, 16 Mar 2020 15:43:44 -0400
-
postfix (3.4.8-0+10debu1) buster; urgency=medium
[Scott Kitterman]
* Refactor running status detection in sysv init based on upstream
postfix-script so it works in docker. Closes: #941293
[Wietse Venema]
* 3.4.8
- Bugfix (introduced: Postfix 2.8): don't gratuitously enable
all after-220 tests when only one such test is enabled.
This made selective tests impossible with 'good' clients.
File: postscreen/postscreen_smtpd.c.
- Bugfix: the 20180903 postscreen fix for a misleading
"PIPELINING after BDAT" warning looked at the wrong variable.
The warning now says "BDAT without valid RCPT", and the
error is no longer treated as a command PIPELINING error
(but sending BDAT is still a client error, because postscreen
rejects all RCPT commands and does not announce PIPELINING
support). File: postscreen/postscreen_smtpd.c.
- Usability: the parser for key/certificate chain files
rejected inputs that contain an EC PARAMETERS object. While
this is technically correct (the documentation says what
types are allowed) this is surprising behavior because the
legacy cert/key parameters will accept such inputs. For
now, the parser skips object types that it does not know
about for usability, and logs a warning because ignoring
inputs is not kosher. Viktor and Wietse. File: tls/tls_certkey.c.
-- Scott Kitterman <email address hidden> Wed, 15 Jan 2020 09:05:50 -0500
-
postfix (3.4.7-0+deb10u1) buster; urgency=medium
[Wietse Venema]
* 3.4.6
- Documentation: tlsext_padding is not a tls_ssl_options
feature. File: proto/postconf.proto.
- Portability: added "#undef sun" to util/unix_dgram_connect.c
(documented for completeness - no impact on Debian)
- Bugfix (introduced: Postfix 2.3): a censoring filter broke
multiline Milter responses for header/body events. Problem
report by Andreas Thienemann. Files: util/printable.c,
util/stringops.h, smtpd/smtpd.c
- Bugfix (introduced: Postfix 3.3): "smtp_mx_address_limit =
0" no longer meant 'unlimited'. Problem report by Luc Pardon.
File: smtp/smtp_addr.c.
- Documentation: updated the BUGS section in the smtp(8) manpage
about TLS connection reuse. File: smtp/smtp.c.
- Workaround for implementations that hang Postfix while
shutting down a TLS session, until Postfix times out. With
"tls_fast_shutdown_enable = yes" (the default), Postfix no
longer waits for the TLS peer to respond to a TLS 'close'
request. This is recommended with TLSv1.0 and later. Files:
global/mail_params.h, tls/tls_session.c, and documentation.
- Bugfix (introduced: Postfix 3.0): the code to reset Postfix
SMTP server command counts was not called after a HaProxy
handshake failure, causing stale numbers to be reported.
The command counts are now reset in the function that reports
the counts. File: smtpd/smtpd.c.
* 3.4.7
- Bugfix: the documentation said tls_fast_shutdown_enable,
but the code said tls_fast_shutdown. Viktor Dukhovni. Changed
the code because no-one is expected to override the default.
File: global/mail_params.h.
- Workaround for poor TCP loopback performance on LINUX, where
getsockopt(..., TCP_MAXSEG, ..) reports a TCP maximal segment
size that is 1/2 to 1/3 of the MTU. For example, with kernel
5.1.16-300.fc30.x86_64 the TCP client and server announce
an mss of 65495 in the TCP handshake, but getsockopt()
returns 32741 (less than half). As a matter of principle,
Postfix won't turn on client-side TCP_NODELAY because that
hides application performance bugs, and because that still
suffers from server-side delayed ACKs. Instead, Postfix
avoids sending "small" writes back-to-back, by choosing a
VSTREAM buffer size that is a multiple of the reported MSS.
This workaround bumps the multiplier from 2x to 4x. File:
util/vstream_tweak.c.
- Bugfix (introduced: 20051222): the Dovecot client could
segfault (null pointer read) or cause an SMTP server assertion
to fail when talking to a fake Dovecot server. The client
now logs a proper error instead. Problem reported by Tim
Düsterhus. File: xsasl/xsasl_dovecot_server.c.
- Bugfix (introduced: Postfix 3.4): don't whitewash OpenSSL
error results after a plaintext output error. The code could
loop, and with some OpenSSL error results could flood the
log with error messages (see below for a specific case).
Problem reported by Andreas Schulze. File: tlsproxy/tlsproxy.c.
- Bitrot: don't invoke SSL_shutdown() when the SSL engine
thinks it is processing a TLS handshake. The commit at
https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59
changed the error status, incompatibly, from SSL_ERROR_NONE
into SSL_ERROR_SSL. File: tlsproxy/tlsproxxy.c.
-- Scott Kitterman <email address hidden> Tue, 01 Oct 2019 19:21:59 -0400
-
postfix (3.4.5-1) unstable; urgency=medium
[Wietse Venema]
* 3.4.5
- With message_size_limit=0 (which is NOT DOCUMENTED), BDAT
chunks were always rejected as too large. File: smtpd/smtpd.c
- Bugfix (introduced: Postfix 3.0): LMTP connections over
UNIX-domain sockets were cached but not reused, due to a
cache lookup key mismatch. Therefore, idle cached connections
could exhaust LMTP server resources, resulting in two-second
pauses between email deliveries. This problem was investigated
by Juliana Rodrigueiro. File: smtp/smtp_connect.c.
-- Scott Kitterman <email address hidden> Mon, 01 Apr 2019 13:27:26 -0400
-
postfix (3.4.4-1) unstable; urgency=medium
[Wietse Venema]
* 3.4.2
- Bugfix (introduced: 20181226): broken DANE trust anchor
file support, caused by left-over debris from the 20181226
TLS library overhaul. Scott Kitterman. File: tls/tls_dane.c.
Closes: #924183
- Bugfix (introduced: Postfix-1.0.1): null pointer read, while
logging a warning after a corrupted bounce log file. File:
global/bounce_log.c.
- Bugfix (introduced: Postfix-2.9.0): null pointer read, while
logging a warning after a postscreen_command_filter read
error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
* 3.4.3
- Bitrot: LINUX5s support, after some sanity checks with a
rawhide prerelease version. Files: makedefs, util/sys_defs.h.
Closes: #922477
* 3.4.4
- Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
has been producing false rejects starting with the Postfix
2.2 smtpd_end_of_data_restrictons, and for the same reasons,
does the same with the Postfix 3.4 BDAT command. The latter
was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
Closes: #925082
-- Scott Kitterman <email address hidden> Sun, 24 Mar 2019 15:28:00 -0400
-
postfix (3.4.1-1) unstable; urgency=medium
[Scott Kitterman]
* Upload to unstable
[localization folks]
* l10n: Updated Danish debconf translations. Closes: #923066 (Joe Hansen).
[Wietse Venema]
* 3.4.1. Closes: #920766
-- Scott Kitterman <email address hidden> Thu, 07 Mar 2019 21:48:53 -0500
-
postfix (3.3.2-4) unstable; urgency=medium
* Bump triggering version in debian/postfix.maintscript so that the
the transition to having makedefs.out no longer be a conffile actually
works. Closes: #922475
- Thanks to Sven Joachim for the report and the fix
-- Scott Kitterman <email address hidden> Sun, 17 Feb 2019 03:04:52 -0500
-
postfix (3.3.2-1) unstable; urgency=medium
[Scott Kitterman]
* Refresh patches
* Unset inet_interfaces in postfix-instance-generator to avoid postconf
failures when the generator runs during boot (Thanks to Stefan Anders for
the patch). Closes: #896155
* Also fix use of postmulti in debian/configure-instance.sh since
postfix-instance-generator uses it before the newtork is up.
Closes: #882141
* Update po files using debconf-updatepo
* Build with -g unless nodebug is set so that dbgsym packages have debug
symbols in them. Closes: #910291
* Re-add debian/patches/02_kfreebsd_support.diff since kfreebsd-* is alive
again
[Wietse Venema]
* 3.3.2
-- Scott Kitterman <email address hidden> Thu, 13 Dec 2018 02:42:46 -0500
-
postfix (3.3.1-1) unstable; urgency=medium
[Scott Kitterman]
* Update Vcs-* for move to salsa
* Refresh patches
* Remove obsolete XS-Testsuite: autopkgtest field from debian/control
* Bump standards-version to 4.2.1 without further change
* Add trailing whitespace to debian/main.cf.in to avoid issues
appending new values. Closes: #889574
[Wietse Venema]
* 3.3.1
[Karl Stenerud]
* d/postfix-{cdb,ldap,lmdb,mysql,pcre,pgsql}.postinst, d/postfix.postinst:
Handle empty alias_database field in main.cf. Closes: #908221 LP:
#1791139
[localization folks]
* l10n: Updated French debconf translations. Closes: #912036 (jean-pierre
giraud)
* l10n: Updated German debconf translations. Closes: #907252 (Markus
Hiereth)
* l10n: Updated Turkish debconf translations. Closes: #911823 (Atila KOÇ)
* l10n: Updated Dutch debconf translations. Closes: #898862 (Frans
Spiesschaert)
-- Scott Kitterman <email address hidden> Tue, 06 Nov 2018 03:15:53 -0500
-
postfix (3.3.0-1) unstable; urgency=medium
[Wietse Venema]
* 3.3.0
[Scott Kitterman]
* Remove debian/patches/02_kfreebsd_support.diff - Obsolete
* Refresh patches
* Add debian/patches/tls_version.diff to enable all supported TLS versions.
Closes: #873334
* Install examples alongside the other documentation in /usr/share/doc/
postfix/ vice /usr/share/doc/postfix-doc/
-- Scott Kitterman <email address hidden> Fri, 23 Feb 2018 03:05:27 -0500
-
postfix (3.2.5-1) unstable; urgency=medium
[Wietse Venema]
* 3.2.5.
- Fix regression with db maps Closes: #879200
[Scott Kitterman]
* Switch tracking the need to run newalisases to debconf so other postfix
binaries can run newaliases if needed
- Move newalias processing to debian/functions
- Switch newaliases call to postfix-lmdb postinst if the alias database type
is lmdb. Closes: #865005
- Generalize using external map types for alias db to all types.
* Bump standards-version to 4.1.3 without further change
* Correct installed permissions for postfix@.service (Thanks to Andreas
Schmidt for the report and the patch). Closes: #877176
* Explicitly depend on e2fsprogs so that some day it can be non-essential.
Closes: #887277
* Update debian/copyright for addition of Eclipse Public License v2.0 as an
additional license
* Update patches for new release
* Bump compat to 9
-- Scott Kitterman <email address hidden> Mon, 29 Jan 2018 10:38:37 -0500
-
postfix (3.2.4-1) unstable; urgency=medium
[Wietse Venema]
* 3.2.4
[Scott Kitterman]
* Rewrite debian/postfix-instance-generator to avoid use of postmulti
to fix failures when inet_interfaces != all Closes: #882141
* Bump standards-version to 4.1.2 without further change
* Build-depends on debhelper (>= 9.20160709) instead of dh-systemd
-- Scott Kitterman <email address hidden> Fri, 15 Dec 2017 00:51:49 -0500
-
postfix (3.2.3-1) unstable; urgency=medium
[Wietse Venema]
* 3.2.3
[Scott Kitterman]
* Use full path to main.cf in postfix-instance-generator Closes: #873957
* Bump priority to optional to match overrides now the extra has been removed
* Add debian/watch file (Closes: #435292)
-- Scott Kitterman <email address hidden> Thu, 28 Sep 2017 22:54:54 -0400
-
postfix (3.2.2-1) unstable; urgency=medium
[Scott Kitterman]
* Upload to unstable
* New upstream release
* Refresh patches
* Remove temporary stretch configuration that ensured postfix-sqlite was not
lost on upgrade:
- postfix-sqlite now Depends instead of Recommends postfix
- postfix no longer Depends postfix-sqlite
- postfix-sqlite addmap is done in postfix-sqlite.postinst and not in
postfix.postinst
- postfix suggests postfix-sqlite
* postfix.prerm post-stretch clean up: remove obsolete delmap calls
* Delete postfix-cdb,- ldap, -lmdb, -mysql, -pcre, and -pgsql.preinst, no
longer needed after stretch release
* Remove circa 2006 fixup from postfix-cdb.postinst
* Remove old (circa 2002, pre-postfix 1.0) master.cf fixups from
postfix.prerm
[Wietse Venema]
* 3.2.2 (Closes: #864942)
-- Scott Kitterman <email address hidden> Sat, 17 Jun 2017 14:10:34 -0400