--- - branch: MAIN date: Sat Jun 17 08:02:22 UTC 2017 files: - new: '1.10' old: '1.9' path: pkgsrc/mail/postfix/Makefile.common pathrev: pkgsrc/mail/postfix/Makefile.common@1.10 type: modified - new: '1.171' old: '1.170' path: pkgsrc/mail/postfix/distinfo pathrev: pkgsrc/mail/postfix/distinfo@1.171 type: modified - new: '1.38' old: '1.37' path: pkgsrc/mail/postfix/patches/patch-ag pathrev: pkgsrc/mail/postfix/patches/patch-ag@1.38 type: modified id: 20170617T080222Z.07f2f8985c5a2dc1a9cb53b3da3befacc61d4d45 log: | Update postfix to 3.2.2. pkgsrc change: Add support for NetBSD 8. This announcement (June 13, 2017) includes changes that were released with an earlier update (June 10, 2017). The announcement was postponed to avoid confusion due to repeated notification. Fixed in all supported releases: * Security: Berkeley DB versions 2 and later try to read settings from a file DB_CONFIG in the current directory. This undocumented feature may introduce undisclosed vulnerabilities resulting in privilege escalation with Postfix set-gid programs (postdrop, postqueue) before they chdir to the Postfix queue directory, and with the postmap and postalias commands depending on whether the user's current directory is writable by other users. This fix does not change Postfix behavior for Berkeley DB versions < 3, but it does reduce postmap and postalias 'create' performance with Berkeley DB versions 3.0 .. 4.6. Fixed in Postfix 3.2 and later: * The SMTP server receive_override_options were not restored at the end of an SMTP session, after the options were modified by an smtpd_milter_maps setting of "DISABLE". Milter support remained disabled for the life time of the smtpd process. * After the Postfix 3.2 address/domain table lookup overhaul, the check_sender_access and check_recipient_access features ignored a non-default parent_domain_matches_subdomains setting. module: pkgsrc subject: 'CVS commit: pkgsrc/mail/postfix' unixtime: '1497686542' user: taca