-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 09 Mar 2024 10:38:51 -0500
Source: postfix
Binary: postfix-doc
Architecture: all
Version: 3.5.25-0+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Scott Kitterman <scott@kitterman.com>
Description:
 postfix-doc - Documentation for Postfix
Changes:
 postfix (3.5.25-0+deb11u1) bullseye; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.5.25
     - Bugfix (defect introduced: Postfix 2.3, date 20051222): the
       Dovecot auth client did not reset the 'reason' from  a
       previous Dovecot auth service response, before parsing the
       next Dovecot auth server response in the same SMTP session.
       Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c.
     - Cleanup: Postfix SMTP server response with an empty
       authentication failure reason. File: smtpd/smtpd_sasl_glue.c.
     - Bugfix (defect introduced: Postfix 3.1, date: 20151128):
       "postqueue -j" produced broken JSON when escaping a control
       character as \uXXXX. Found during code maintenance. File:
       postqueue/showq_json.c.
     - Cleanup: posttls-finger certificate match expectations for
       all TLS security levels, including warnings for levels that
       don't implement certificate matching. Viktor Dukhovni.
       File: posttls-finger.c.
     - Bugfix (defect introduced: Postfix 2.3): after prepending
       a message header with a Postfix access table PREPEND action,
       a Milter request to delete or update an existing header
       could have no effect, or it could target the wrong instance
       of an existing header. Root cause: the fix dated 20141018
       for the Postfix Milter client was incomplete. The client
       did correctly hide the first, Postfix-generated, Received:
       header when sending message header information to a Milter
       with the smfi_header() application callback function, but
       it was still hiding the first header (instead of the first
       Received: header) when handling requests from a Milter to
       delete or update an existing header. Problem report by
       Carlos Velasco. This change was verified to have no effect
       on requests from a Milter to add or insert a header. File:
       cleanup/cleanup_milter.c.
     - Workaround: tlsmgr logfile spam. Some OS lies under load:
       it says that a socket is readable, then it says that the
       socket has unread data, and then it says that read returns
       EOF, causing Postfix to spam the log with a warning message.
       File: tlsmgr/tlsmgr.c.
     - Bugfix (defect introduced: Postfix 3.4): the SMTP server's
       BDAT command handler could be tricked to read $message_size_limit
       bytes into memory. Found during code maintenance. File:
       smtpd/smtpd.c.
     - Performance: eliminate worst-case behavior where the queue
       manager defers delivery to all destinations over a specific
       delivery transport, after only a single delivery agent
       failure. The scheduler now throttles one destination, and
       allows deliveries to other destinations to keep making
       progress. Files: *qmgr/qmgr_deliver.c.
     - Safety: drop and log over-size DNS responses resulting in
       more than 100 records. This 20x larger than the number of
       server addresses that the Postfix SMTP client is willing
       to consider when delivering mail, and is well below the
       number of records that could cause a tail recursion crash
       in dns_rr_append() as reported by Toshifumi Sakaguchi. This
       also limits the number of DNS requests from check_*_*_access
       restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c,
       dns/test_dns_lookup.c, posttls-finger/posttls-finger.c,
       smtp/smtp_addr.c, smtpd/smtpd_check.c.
Checksums-Sha1:
 d5da65e31b06a6ed9b18da4a841c593e293a69c0 1225572 postfix-doc_3.5.25-0+deb11u1_all.deb
 19a593ad3a9df986a966998a69690611d24f7bc7 7544 postfix_3.5.25-0+deb11u1_all-buildd.buildinfo
Checksums-Sha256:
 826253c38b3a4e0d72ca02bd9d655672e01f1bdd8f83502b4ba523b79ad2bb72 1225572 postfix-doc_3.5.25-0+deb11u1_all.deb
 5f4c3493fc49d62147d58ee13835233585e8b864894eb93b4c671c1883cd162c 7544 postfix_3.5.25-0+deb11u1_all-buildd.buildinfo
Files:
 9bfa69439676ebdcbaa9c4c1d86b2705 1225572 doc optional postfix-doc_3.5.25-0+deb11u1_all.deb
 2a270f80f3a5f87e5d6e494e9a9352ed 7544 mail optional postfix_3.5.25-0+deb11u1_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmYm0GsACgkQ4cagXJhO
TXtulQ/7BzjvnsCFyGSPDhkckqRZoygs5eHugC2VUTdJST5Xu537Zs4Dyr64xOPQ
5kkpfhS/PbPm4bBBhwcGKGp4TQYO3Ffm1ws70zl4Vt4nLGYYr9bb5nlWyt4puqXp
eb6OyGaLKFTYxiM0S2FJtdUNw5THfAZ0b0ZAqqQWrn2jYt06Cpsvt2vK7f420wgr
iCv0+jNdprGihJCo+SK32A83bAMHVxcgPRgNO74EC9GhNC+9A8LRWO6qtWzVJVNt
oj5iCAtpRLCIfLnbO3o3LINNLfw4Gc7ERrMV8ChY3XVzdrpcN762E8SPc3ZqMOS1
bF352Clviq2/f4EccEstT1LI19SmuKso2zeLrjrNjy9ei0ow+M01R3NBYY59xVr+
dwpRtEYSeWxnn+TdMLeMsV/PHV07AkS9zFammtCqYG8SCfGOeX4C0vuOb1Etd5NJ
qa5/oiajzE2zwd0OEl3vFm4DkhGybPEx/j3pWk2gMc1Jy4Xm/lqlAx+FCp5VXkqg
7WjYsg+MmCxE9nzswH0VEpO8aZ36seGssWcy9uog7+6HZ/MPmQ5S1rpzv8N5mLnm
LpTOqWtCghvEBzFQh9p0Z12X0XGgk7vdULMyXv95BJTRdez5lZ1ZelfHQ9p3+VcB
brXYCCbaZaxYlPLzeza/Sv+hyvM2lMeBPSxHBeeYtDii86jos3Q=
=CWvV
-----END PGP SIGNATURE-----