Format: 1.8
Date: Thu, 11 Jun 2026 09:55:11 +0300
Source: postfix
Architecture: source
Version: 3.10.10-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian Postfix Team
Changed-By: Michael Tokarev
Closes: 1120869 1135718
Changes:
 postfix (3.10.10-0+deb13u1) trixie; urgency=medium
 .
   [ Michael Tokarev ]
   * keep postfix running during upgrades (Closes: #1120869)
   * linux7.patch: support building of the source on 7.x kernels
 .
   * new upstream stable/bugfix release 3.10.10:
     - Bitrot: builds with musl libc broke, because they were using an
       obsolete NO_SNPRINTF code path.
     - Two fixes for a signed integer overshift condition (a left shift
       into the sign bit). This "works" on contemporary CPUs, but may
       break in the future.
     - Fix an 'uninitialized value' error in the 'collate.pl' script.
 .
   * new upstream stable/bugfix release 3.10.9:
     - Bugfix: The RFC 2047 encoder for the sender "full name" could loop
       when a very long full_name_encoding_charset value was configured
       in main.cf.
     - Bugfix: buffer over-read when an enhanced status code is not
       followed by other text. For example, "5.7.2" without text after
       the three-number code. This CANNOT be triggered with an SMTP or
       LMTP server response; is confirmed with an access(5) table and
       likely with a policy server response; can possibly be triggered
       with pipe-to-command output, header_checks(5), body_checks(5), an
       error(8) transport in transport_maps, or a milter response; and is
       confirmed with a DNSBL server TXT response while Postfix is
       configured with "$rbl_code $rbl_text" in rbl_reply_maps or
       default_rbl_reply. This could result in process termination.
       (Closes: #1135718, CVE-2026-43964)
     - Code cleanup: log a fatal error instead of dereferencing a null
       pointer after a first/next cursor initialization failure.
     - Portability: support for recent FreeBSD, NetBSD, and OpenBSD
       versions.
     - Bugfix: When truncating a database file, the cdb: database client
       looked at the file size from before requesting an exclusive lock
       on a database file, instead of the file size after the exclusive
       lock was granted.
     - Bugfix: file descriptor leak after fork() failure.
     - Mistakes in debug logging.
     - Unchecked null pointer results after an out-of-memory condition in
       a library dependency. Found by Claude Opus 4.6. The fix is to
       return an error status or to log a fatal error.
     - Missing or incomplete guards for ssize_t or int overflow. These
       limits are unlikely to be exceeded because the size of in-memory
       objects is limited by design (the number of in-memory objects is
       also limited).
 .
   * new upstream stable/bugfix release 3.10.8:
     - Improved Milter error handling for messages that arrive over a
       long-lived SMTP connection.
     - Fix "posttls-finger -v -v -v" panic and recursive panic.
 .
   * new upstream stable/bugfix release 3.10.7:
     - build fix for modern compilers and standard bool types
       (already included in debian)
 .
   * new upstream stable/bugfix release 3.10.6:
     - Bugfix: warning messages that smtp_tls_wrappermode requires
       "smtp_tls_security_level = encrypt". Root cause: support for
       "TLS-Required: no" broke client-side TLS wrappermode support, by
       downgrading a connection to TLS security level 'may'. The fix
       changes the downgrade level for wrappermode connections to
       'encrypt'. Rationale: by design, TLS can be optional only for
       connections that use STARTTLS. The downgrade to unauthenticated
       'encrypt' allows a sender to avoid an email delivery problem.
     - New logging: the Postfix SMTP client will log a warning when an MX
       hostname does not match STS policy MX patterns, with
       "smtp_tls_enforce_sts_mx_patterns = yes" in Postfix, and with
       TLSRPT support enabled in a TLS policy plugin. It will log a
       successful match only when verbose logging is enabled.
     - Bugfix: SMTP client null pointer crash when an STS policy plugin
       sends no policy_string or no mx_pattern attributes. This can
       happen only during tests with a fake STS plugin.
     - Bugfix: segfault when a duplicate parameter name is given to
       "postconf -X" or "postconf -#".
     - Documentation: removed incorrect text from the parameter
       description for smtp_cname_overrides_servername
 .
   [ Aaron Thompson ]
   * debian-postfix-chroot-cmd.patch: Fix non-ASCII whitespace typo
   * configure-instance.in: fix typo
   * d/README.Debian: minor copyediting
   * Fix some cosmetic typos
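
An added example, not part of this upload or of Postfix: a Python audit that flags lookup-table entries (access(5), rbl_reply_maps) whose reply ends in an enhanced status code with no text after it, or that use the "$rbl_code $rbl_text" template named in the 3.10.9 entry, so they can be reviewed on hosts that are not yet upgraded. The function names, finding labels and sample table are constructed for illustration, and the regular expression is a heuristic for the pattern the changelog describes.

```python
import re

# Enhanced status code (class.subject.detail) as the final token of a reply,
# with no text after it, e.g. "REJECT 5.7.2" or "error:5.7.2" (heuristic).
BARE_DSN = re.compile(r"(?:^|[\s:])[245]\.\d{1,3}\.\d{1,3}\s*$")
# Reply template that places DNSBL-supplied TXT data directly after the code.
RBL_TEMPLATE = re.compile(r"^\$rbl_code\s+\$rbl_text$")


def logical_lines(text):
    """Yield (first_line_no, text) per logical line, using Postfix table rules:
    blank and '#' lines are ignored; leading whitespace continues the entry."""
    start, buf = None, None
    for no, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and buf is not None:
            buf += " " + raw.strip()
            continue
        if buf is not None:
            yield start, buf
        start, buf = no, raw.strip()
    if buf is not None:
        yield start, buf


def audit(text):
    """Return [(line_no, key, reason)] for table entries that need review."""
    findings = []
    for no, line in logical_lines(text):
        parts = line.split(None, 1)
        if len(parts) < 2:
            continue  # key without a value: nothing to inspect
        key, value = parts[0], parts[1].strip()
        if BARE_DSN.search(value):
            findings.append((no, key, "bare-status-code"))
        elif RBL_TEMPLATE.match(value):
            findings.append((no, key, "rbl-text-template"))
    return findings


# Constructed sample: access(5) and rbl_reply_maps style entries.
SAMPLE = """\
# constructed entries for illustration
spam.example        REJECT 5.7.2
ok.example          REJECT 5.7.1 Service unavailable
multi.example       550
    5.7.2
192.0.2.10          OK
dnsbl.example       $rbl_code $rbl_text
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```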