Hello community, here is the log from the commit of package postfix for openSUSE:11.4 checked in at Tue May 10 11:10:50 CEST 2011. -------- --- old-versions/11.4/UPDATES/all/postfix/postfix.changes 2011-03-30 12:23:01.000000000 +0200 +++ 11.4/postfix/postfix.changes 2011-05-10 10:10:06.000000000 +0200 @@ -1,0 +2,5 @@ +Mon May 10 14:24:37 UTC 2011 - varkoly@novell.com + +- bnc#689021 - VUL-0: postfix memory corruption + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 New: ---- bnc#689021.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postfix.spec ++++++ --- /var/tmp/diff_new_pack.kbpISF/_old 2011-05-10 11:10:38.000000000 +0200 +++ /var/tmp/diff_new_pack.kbpISF/_new 2011-05-10 11:10:38.000000000 +0200 @@ -22,7 +22,7 @@ Name: postfix Summary: A fast, secure, and flexible mailer Version: 2.7.2 -Release: 13.<RELEASE14> +Release: 13.<RELEASE16> License: IBM Public License .. Group: Productivity/Networking/Email/Servers Url: http://www.postfix.org/ @@ -40,6 +40,7 @@ Patch11: %{name}-vda-2.7.1.patch Patch12: %{name}-SuSE-ldap.patch Patch13: bnc#677792.diff +Patch14: bnc#689021.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq PreReq: /usr/bin/getent @@ -174,6 +175,7 @@ %patch11 -p1 %patch12 -p0 %patch13 -p1 +%patch14 # --------------------------------------------------------------------------- %build ++++++ bnc#689021.diff ++++++ *** src/smtpd/smtpd_sasl_proto.c Wed Jan 5 15:16:53 2011 --- src/smtpd/smtpd_sasl_proto.c Tue Apr 19 18:37:00 2011 *************** *** 184,189 **** --- 184,210 ---- return (-1); } + /* Don't reuse the SASL handle after authentication failure. */ + #ifndef SMTPD_FLAG_AUTH_USED + #define SMTPD_FLAG_AUTH_USED (1<<15) + #endif + #ifndef XSASL_TYPE_CYRUS + #define XSASL_TYPE_CYRUS "cyrus" + #endif + if (state->flags & SMTPD_FLAG_AUTH_USED) { + smtpd_sasl_deactivate(state); + #ifdef USE_TLS + if (state->tls_context != 0) + smtpd_sasl_activate(state, VAR_SMTPD_SASL_TLS_OPTS, + var_smtpd_sasl_tls_opts); + else + #endif + smtpd_sasl_activate(state, VAR_SMTPD_SASL_OPTS, + var_smtpd_sasl_opts); + } else if (strcmp(var_smtpd_sasl_type, XSASL_TYPE_CYRUS) == 0) { + state->flags |= SMTPD_FLAG_AUTH_USED; + } + /* * All authentication failures shall be logged. The 5xx reply code from * the SASL authentication routine triggers tar-pit delays, which help to ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org