Postfix stable release 3.4.7 and legacy releases 3.3.6, 3.2.11, and 3.1.14

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Postfix stable release 3.4.7 and legacy releases 3.3.6, 3.2.11, and 3.1.14

Wietse Venema
[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.4.7.html]

Fixed in Postfix 3.4:

  * Robustness: the tlsproxy(8) daemon could go into a loop, logging
    a flood of error messages. Problem reported by Andreas Schulze
    after enabling SMTP/TLS connection reuse.

Fixed in all supported stable releases:

  * Workaround: OpenSSL changed an SSL_Shutdown() non-error result
    value into an error result value, causing logfile noise.

  * Configuration: the new 'TLS fast shutdown' parameter name was
    implemented incorrectly. The documentation said
    "tls_fast_shutdown_enable", but the code said "tls_fast_shutdown".
    This was fixed by changing the code, because no-one is expected
    to override the default.

  * Performance: workaround for poor TCP loopback performance on
    LINUX, where getsockopt(..., TCP_MAXSEG, ...) reports a bogus
    TCP maximal segment size that is 1/2 to 1/3 of the real MSS.
    To avoid client-side Nagle delays or server-side delayed ACKs
    caused by multiple smaller-than-MSS writes, Postfix chooses a
    VSTREAM buffer size that is a small multiple of the reported
    bogus MSS. This workaround increases the multiplier from 2x to
    4x.

  * Robustness: the Postfix Dovecot client could segfault (null
    pointer read) or cause an SMTP server assertion to fail when
    talking to a fake Dovecot server. The Postfix Dovecot client
    now logs a proper error instead. Problem reported by Tim
    D?sterhus.

Fixed in Postfix 3.1, 3.2, 3.3:

  * Robustness: null pointer read while logging a warning after a
    postscreen_command_filter read error. This was already fixed
    in Postfix 3.4 and later.

You can find the updated Postfix source code at the mirrors listed
at http://www.postfix.org/.
Reply | Threaded
Open this post in threaded view
|

Re: Postfix stable release 3.4.7 and legacy releases 3.3.6, 3.2.11, and 3.1.14

Francesc Peñalvez-2
Url is broken

El 22/09/2019 a las 16:47, Wietse Venema escribió:

> [An on-line version of this announcement will be available at
> http://www.postfix.org/announcements/postfix-3.4.7.html]
>
> Fixed in Postfix 3.4:
>
>    * Robustness: the tlsproxy(8) daemon could go into a loop, logging
>      a flood of error messages. Problem reported by Andreas Schulze
>      after enabling SMTP/TLS connection reuse.
>
> Fixed in all supported stable releases:
>
>    * Workaround: OpenSSL changed an SSL_Shutdown() non-error result
>      value into an error result value, causing logfile noise.
>
>    * Configuration: the new 'TLS fast shutdown' parameter name was
>      implemented incorrectly. The documentation said
>      "tls_fast_shutdown_enable", but the code said "tls_fast_shutdown".
>      This was fixed by changing the code, because no-one is expected
>      to override the default.
>
>    * Performance: workaround for poor TCP loopback performance on
>      LINUX, where getsockopt(..., TCP_MAXSEG, ...) reports a bogus
>      TCP maximal segment size that is 1/2 to 1/3 of the real MSS.
>      To avoid client-side Nagle delays or server-side delayed ACKs
>      caused by multiple smaller-than-MSS writes, Postfix chooses a
>      VSTREAM buffer size that is a small multiple of the reported
>      bogus MSS. This workaround increases the multiplier from 2x to
>      4x.
>
>    * Robustness: the Postfix Dovecot client could segfault (null
>      pointer read) or cause an SMTP server assertion to fail when
>      talking to a fake Dovecot server. The Postfix Dovecot client
>      now logs a proper error instead. Problem reported by Tim
>      D?sterhus.
>
> Fixed in Postfix 3.1, 3.2, 3.3:
>
>    * Robustness: null pointer read while logging a warning after a
>      postscreen_command_filter read error. This was already fixed
>      in Postfix 3.4 and later.
>
> You can find the updated Postfix source code at the mirrors listed
> at http://www.postfix.org/.
>
>


smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Postfix stable release 3.4.7 and legacy releases 3.3.6, 3.2.11, and 3.1.14

Wietse Venema
Francesc Pe?alvez:
> Url is broken

WILL != IS.

        Wietse


> El 22/09/2019 a las 16:47, Wietse Venema escribi?:
> > [An on-line version of this announcement will be available at
> > http://www.postfix.org/announcements/postfix-3.4.7.html]
> >
> > Fixed in Postfix 3.4:
> >
> >    * Robustness: the tlsproxy(8) daemon could go into a loop, logging
> >      a flood of error messages. Problem reported by Andreas Schulze
> >      after enabling SMTP/TLS connection reuse.
> >
> > Fixed in all supported stable releases:
> >
> >    * Workaround: OpenSSL changed an SSL_Shutdown() non-error result
> >      value into an error result value, causing logfile noise.
> >
> >    * Configuration: the new 'TLS fast shutdown' parameter name was
> >      implemented incorrectly. The documentation said
> >      "tls_fast_shutdown_enable", but the code said "tls_fast_shutdown".
> >      This was fixed by changing the code, because no-one is expected
> >      to override the default.
> >
> >    * Performance: workaround for poor TCP loopback performance on
> >      LINUX, where getsockopt(..., TCP_MAXSEG, ...) reports a bogus
> >      TCP maximal segment size that is 1/2 to 1/3 of the real MSS.
> >      To avoid client-side Nagle delays or server-side delayed ACKs
> >      caused by multiple smaller-than-MSS writes, Postfix chooses a
> >      VSTREAM buffer size that is a small multiple of the reported
> >      bogus MSS. This workaround increases the multiplier from 2x to
> >      4x.
> >
> >    * Robustness: the Postfix Dovecot client could segfault (null
> >      pointer read) or cause an SMTP server assertion to fail when
> >      talking to a fake Dovecot server. The Postfix Dovecot client
> >      now logs a proper error instead. Problem reported by Tim
> >      D?sterhus.
> >
> > Fixed in Postfix 3.1, 3.2, 3.3:
> >
> >    * Robustness: null pointer read while logging a warning after a
> >      postscreen_command_filter read error. This was already fixed
> >      in Postfix 3.4 and later.
> >
> > You can find the updated Postfix source code at the mirrors listed
> > at http://www.postfix.org/.
> >
> >
>