Prereq: "2.11.3" diff -cr --new-file /var/tmp/postfix-2.11.3/src/global/mail_version.h ./src/global/mail_version.h *** /var/tmp/postfix-2.11.3/src/global/mail_version.h 2014-10-19 18:12:15.000000000 -0400 --- ./src/global/mail_version.h 2015-02-08 18:17:36.000000000 -0500 *************** *** 20,27 **** * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20141019" ! #define MAIL_VERSION_NUMBER "2.11.3" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE --- 20,27 ---- * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ ! #define MAIL_RELEASE_DATE "20150208" ! #define MAIL_VERSION_NUMBER "2.11.4" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff -cr --new-file /var/tmp/postfix-2.11.3/HISTORY ./HISTORY *** /var/tmp/postfix-2.11.3/HISTORY 2014-10-19 18:11:34.000000000 -0400 --- ./HISTORY 2015-02-08 18:12:22.000000000 -0500 *************** *** 19618,19620 **** --- 19618,19643 ---- Cleanup: revert the workaround that places headers inserted with PREPEND actions or policy requests BELOW Postfix's own Received: message header. File: smtpd/smtpd.c. + + 20141025 + + Bugfix (introduced: Postfix 2.11): core dump when + smtp_policy_maps specifies an invalid TLS level. Viktor + Dukhovni. File: smtp/smtp_tls_policy.c. + + 20150106 + + Robustness: don't segfault due to excessive recursion after + a faulty configuration runs into the virtual_alias_recursion_limit. + File: global/tok822_tree.c. + + 20150115 + + Safety: stop aliasing loops that exponentially increase the + address length with each iteration. Back-ported from Postfix + 3.0. File: cleanup/cleanup_map1n.c. + + 20150117 + + Cleanup: missing " in \%s\" in postconf(1) fatal error + messages. Iain Hibbert. File: postconf/postconf_master.c. diff -cr --new-file /var/tmp/postfix-2.11.3/src/cleanup/cleanup_map1n.c ./src/cleanup/cleanup_map1n.c *** /var/tmp/postfix-2.11.3/src/cleanup/cleanup_map1n.c 2013-11-12 12:53:03.000000000 -0500 --- ./src/cleanup/cleanup_map1n.c 2015-02-08 17:48:16.000000000 -0500 *************** *** 139,144 **** --- 139,153 ---- if ((lookup = mail_addr_map(maps, STR(state->temp1), propagate)) != 0) { saved_lhs = mystrdup(argv->argv[arg]); for (i = 0; i < lookup->argc; i++) { + if (strlen(lookup->argv[i]) > var_line_limit) { + msg_warn("%s: unreasonable %s result %.300s... -- " + "message not accepted, try again later", + state->queue_id, maps->title, lookup->argv[i]); + state->errs |= CLEANUP_STAT_DEFER; + UPDATE(state->reason, "4.6.0 Alias expansion error"); + UNEXPAND(argv, addr); + RETURN(argv); + } unquote_822_local(state->temp1, lookup->argv[i]); if (i == 0) { UPDATE(argv->argv[arg], STR(state->temp1)); diff -cr --new-file /var/tmp/postfix-2.11.3/src/global/tok822_tree.c ./src/global/tok822_tree.c *** /var/tmp/postfix-2.11.3/src/global/tok822_tree.c 2000-11-20 13:05:32.000000000 -0500 --- ./src/global/tok822_tree.c 2015-01-06 12:51:58.000000000 -0500 *************** *** 259,269 **** TOK822 *tok822_free_tree(TOK822 *tp) { ! if (tp) { ! if (tp->next) ! tok822_free_tree(tp->next); if (tp->head) tok822_free_tree(tp->head); tok822_free(tp); } return (0); --- 259,270 ---- TOK822 *tok822_free_tree(TOK822 *tp) { ! TOK822 *next; ! ! for (/* void */; tp != 0; tp = next) { if (tp->head) tok822_free_tree(tp->head); + next = tp->next; tok822_free(tp); } return (0); diff -cr --new-file /var/tmp/postfix-2.11.3/src/postconf/postconf_master.c ./src/postconf/postconf_master.c *** /var/tmp/postfix-2.11.3/src/postconf/postconf_master.c 2013-12-19 19:56:45.000000000 -0500 --- ./src/postconf/postconf_master.c 2015-01-22 09:10:53.000000000 -0500 *************** *** 273,279 **** for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) { cp = argv->argv[field]; if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0) ! pcf_fix_fatal("invalid %s field \%s\" in \"%s\"", pcf_str_field_pattern(field), cp, raw_text); } --- 273,279 ---- for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) { cp = argv->argv[field]; if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0) ! pcf_fix_fatal("invalid %s field \"%s\" in \"%s\"", pcf_str_field_pattern(field), cp, raw_text); } *************** *** 282,293 **** if (len > 0 && cp[len - 1] == '?') len--; if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len) ! pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \%s\" in \"%s\"", cp, raw_text); cp = argv->argv[PCF_MASTER_FLD_MAXPROC]; if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0) ! pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \%s\" in \"%s\"", cp, raw_text); } --- 282,293 ---- if (len > 0 && cp[len - 1] == '?') len--; if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len) ! pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \"%s\" in \"%s\"", cp, raw_text); cp = argv->argv[PCF_MASTER_FLD_MAXPROC]; if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0) ! pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \"%s\" in \"%s\"", cp, raw_text); } diff -cr --new-file /var/tmp/postfix-2.11.3/src/smtp/smtp_tls_policy.c ./src/smtp/smtp_tls_policy.c *** /var/tmp/postfix-2.11.3/src/smtp/smtp_tls_policy.c 2014-03-03 14:53:26.000000000 -0500 --- ./src/smtp/smtp_tls_policy.c 2014-10-25 15:22:55.000000000 -0400 *************** *** 516,524 **** --- 516,526 ---- switch (site_level) { default: tls->level = site_level; + /* FALLTHROUGH */ case TLS_LEV_NOTFOUND: break; case TLS_LEV_INVALID: + tls->level = site_level; return ((void *) tls); }