Mailinglist Archive: opensuse-updates (101 mails)

< Previous Next >
openSUSE-RU-2015:0330-1: moderate: Recommended update for postfix
openSUSE Recommended Update: Recommended update for postfix

Announcement ID: openSUSE-RU-2015:0330-1
Rating: moderate
References: #729154 #908003 #910265 #911806 #912594 #914086

Affected Products:
openSUSE 13.2

An update that has 6 recommended fixes can now be installed.


Postfix was updated to version 2.11.3 to bring features and bugfixes.

Changes done:
- postfix 2.11.3:
* Fix for configurations that prepend message headers with Postfix
access maps, policy servers or Milter applications. Postfix now hides
its own Received: header from Milters and exposes prepended headers to
Milters, regardless of the mechanism used to prepend a header. This
fix reverts a partial solution that was released
on October 13, 2014, and replaces it with a complete solution.
* Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure.

- postfix 2.11.2:
* Fix for DMARC implementations based on SPF policy plus DKIM Milter.
The PREPEND access/policy action added headers ABOVE Postfix's own
Received: header, exposing Postfix's own Received: header to Milters
(protocol violation) and hiding the PREPENDed header from Milters.
PREPENDed headers are now added BELOW Postfix's own Received: header
and remain visible to Milters.
* The Postfix SMTP server logged an incorrect client name in reject
messages for check_reverse_client_hostname_access and
check_reverse_client_hostname_{mx,ns}_access. They replied with the
verified client name, instead of the name that was rejected.
* The qmqpd daemon crashed with null pointer bug when logging a lost
connection while not in a mail transaction.

- postfix 2.11.1:
* With connection caching enabled (the default), recipients could be
given to the wrong mail server.
* Enforce TLS when TLSA records exist, but all are unusable.
* Don't leak memory when TLSA records exist, but all are unusable.
* Prepend "-I. -I../../include" to the compiler command-line
options, to avoid name clashes with non-Postfix header files.
* documentation fixes
* logging fixes

Other bugfixes done:
- bnc#914086 syntax error in config.postfix
- Adapt config.postfix to be able to run on SLE11 too.

- Don't install sysvinit script when systemd is used
- Make explicit PreReq dependencies conditional only for older systems
- Don't try to set explicit attributes to symlinks
- Cleanup spec file vith spec-cleaner

- bnc#912594 config.postfix creates config based on old options

- bnc#911806 config.postfix does not set up correct saslauthd socket
directory for chroot
- bnc#910265 config.postfix does not upgrade the chroot
- bnc#908003 wrong access rights on /usr/sbin/postdrop causes permission
denied when trying to send a mail as non root user
- bnc#729154 wrong permissions for some postfix components

- restore previously lost fix: Fri Oct 11 13:32:32 UTC 2013 - matz@xxxxxxx
- Ignore errors in %pre/%post.

Patch Instructions:

To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-165=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.2 (i586 x86_64):


- openSUSE 13.2 (noarch):



< Previous Next >
This Thread
  • No further messages