Format: 1.8
Date: Wed, 06 Mar 2024 10:10:14 -0500
Source: postfix
Binary: postfix-doc
Architecture: all
Version: 3.7.11-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02)
Changed-By: Scott Kitterman
Description:
 postfix-doc - Documentation for Postfix
Changes:
 postfix (3.7.11-0+deb12u1) bookworm; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.7.11
     - Bugfix (defect introduced: Postfix 2.3, date 20051222): the Dovecot
       auth client did not reset the 'reason' from a previous Dovecot auth
       service response, before parsing the next Dovecot auth server
       response in the same SMTP session. Reported by Stephan Bosch,
       File: xsasl/xsasl_dovecot_server.c.
     - Cleanup: Postfix SMTP server response with an empty authentication
       failure reason. File: smtpd/smtpd_sasl_glue.c.
     - Bugfix (defect introduced: Postfix 3.1, date: 20151128):
       "postqueue -j" produced broken JSON when escaping a control
       character as \uXXXX. Found during code maintenance.
       File: postqueue/showq_json.c.
     - Cleanup: posttls-finger certificate match expectations for all TLS
       security levels, including warnings for levels that don't implement
       certificate matching. Viktor Dukhovni. File: posttls-finger.c.
     - Bugfix (defect introduced: Postfix 2.3): after prepending a message
       header with a Postfix access table PREPEND action, a Milter request
       to delete or update an existing header could have no effect, or it
       could target the wrong instance of an existing header. Root cause:
       the fix dated 20141018 for the Postfix Milter client was incomplete.
       The client did correctly hide the first, Postfix-generated,
       Received: header when sending message header information to a
       Milter with the smfi_header() application callback function, but it
       was still hiding the first header (instead of the first Received:
       header) when handling requests from a Milter to delete or update an
       existing header. Problem report by Carlos Velasco. This change was
       verified to have no effect on requests from a Milter to add or
       insert a header. File: cleanup/cleanup_milter.c.
     - Workaround: tlsmgr logfile spam. Some OS lies under load: it says
       that a socket is readable, then it says that the socket has unread
       data, and then it says that read returns EOF, causing Postfix to
       spam the log with a warning message. File: tlsmgr/tlsmgr.c.
     - Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT
       command handler could be tricked to read $message_size_limit bytes
       into memory. Found during code maintenance. File: smtpd/smtpd.c.
     - Performance: eliminate worst-case behavior where the queue manager
       defers delivery to all destinations over a specific delivery
       transport, after only a single delivery agent failure. The
       scheduler now throttles one destination, and allows deliveries to
       other destinations to keep making progress.
       Files: *qmgr/qmgr_deliver.c.
     - Safety: drop and log over-size DNS responses resulting in more than
       100 records. This is 20x larger than the number of server addresses
       that the Postfix SMTP client is willing to consider when delivering
       mail, and is well below the number of records that could cause a
       tail recursion crash in dns_rr_append() as reported by Toshifumi
       Sakaguchi. This also limits the number of DNS requests from
       check_*_*_access restrictions. Files: dns/dns.h, dns/dns_lookup.c,
       dns/dns_rr.c, dns/test_dns_lookup.c,
       posttls-finger/posttls-finger.c, smtp/smtp_addr.c,
       smtpd/smtpd_check.c.