[Bug 1022772] [NEW] Microversion release update for postfix 2.9.3-2

Scott Kitterman ubuntu at kitterman.com
Tue Jul 10 00:28:23 UTC 2012 

Public bug reported:

[TEST CASE] Install updated packages and evaluate normal postfix
functionality is still working (will vary based on local configuration).

[REGRESSION POTENTIAL] Very small.  MRE was granted for postfix based on
upstream's demonstrated track record for being very careful.  Fixes have
had extensive testing upstream, in Debian, and in Quantal.

There is a packaging change included as well to fix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675247 since this will
cause upgrade issues.

Here are the upstream changes:

20120401

	Bitrot: shut up useless warnings about Cyrus SASL call-back
	function pointer type mis-matches. Files: xsasl/xsasl_cyrus.h,
	xsasl/xsasl_cyrus_server.c, xsasl/xsasl_client.c.

20120422

	Bit-rot: OpenSSL 1.0.1 introduces new protocols. Update the
	known TLS protocol list so that protocols can be turned off
	selectively to work around implementation bugs.  Based on
	a patch by Victor Duchovni.  Files: proto/TLS_README.html,
	proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c,
	tls/tls_server.c.

20120425

	Workaround: bugs in 10-year old gcc versions break compilation
	with #ifdef inside a macro invocation (NOT: definition).
	This synchronizes the Postfix 2.9 TLS implementation with
	Postfix 2.10 to simplify code maintenance.  Files: tls/tls.h,
	tls/tls_client.c, tls/tls_server.c.

20120426

	Bugfix (introduced Postfix 2.9): the postconf command flagged
	parameters defined in master.cf as "unused" when they were
	used only in main.cf. Problem reported by Michael Tokarev.
	Files: postconf/postconf_user.c.

20120516

	Workaround: apparently, FreeBSD 8.3 kqueue notifications
	sometimes break when a dnsblog(8) process loses an accept()
	race on a shared socket, resulting in repeated "connect to
	private/dnsblog service: Connection refused" warnings.  This
	condition is unique to dnsblog(8). The postscreen(8) daemon
	closes a postscreen-to-dnsblog connection as soon as it
	receives a dnsblog(8) reply, resulting in hundreds or
	thousands of connection requests per second.  All other
	multi-server daemons such as anvil(8) or proxymap(8) have
	connection lifetimes ranging from 5s to 1000s depending on
	server load.  The workaround is for dnsblog to use the
	single_server driver instead of the multi_server driver.
	This one-line code change eliminates the accept() race
	without any Postfix performance impact.  Problem reported
	by Sahil Tandon.  File: dnsblog/dnsblog.c.

20120517

	Workaround: to avoid crashes when the OpenSSL library is
	updated without "postfix reload", the Postfix TLS session
	cache ID now includes the OpenSSL library version number.
	Note: this problem cannot be fixed in tlsmgr(8). Code by
	Victor Duchovni. Files: tls/tls_server.c, tls_client.c.

20120520

	Bugfix (introduced Postfix 2.4): the event_drain() function
	was comparing bitmasks incorrectly causing the program to
	always wait for the full time limit. This error affected
	the unused postkick command, but only after s/fifo/unix/
	in master.cf.  File: util/events.c.

	Cleanup: laptop users have always been able to avoid
	unnecessary disk spin-up by doing s/fifo/unix/ in master.cf
	(this is currently not supported on Solaris systems).
	However, to make this work reliably, the "postqueue -f"
	command must wait until its requests have reached the pickup
	and qmgr servers before closing the UNIX-domain request
	sockets.  Files: postqueue/postqueue.c, postqueue/Makefile.in.

** Affects: postfix (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1022772

Title:
  Microversion release update for postfix 2.9.3-2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1022772/+subscriptions

More information about the Ubuntu-server-bugs mailing list