NOTE: This addresses a new problem in Postfix 3.5.5, 3.4.15, 3.3.13,
3.2.18, which were released two days earlier but not announced.
Fixed in Postfix versions 3.5.6, 3.4.16, 3.3.14, 3.2.19:
* One fix for memory leaks in the Postfix TLS library was back-ported
to the wrong place, resulting in undefined program behavior.
Fixed in Postfix versions 3.5.6, 3.4.16:
* The workaround for allowed TLS protocol versions did not explictly
override the system-wide OpenSSL configuration, for sessions
where the remote SMTP client sends SNI. It's better to be safe