Bugfix (introduced: Postfix 2.11): minor memory leak when
minting issuer certs. This affects a tiny minority of use
cases. Viktor Dukhovni, based on a fix by Juan Altmayer
- Pizzorno for the ssl_dane library.
+ Pizzorno for the ssl_dane library. File: tls/tls_dane.c.
20180817
tickets, and to allow OpenSSL >= 1.1.0 run-time micro version
bumps without complaining about library version mismatches.
Viktor Dukhovni. Files: proto/postconf.proto,
- proto/TLS_README.html, tls/tls.h, tls/tls_dane.c,
- tls/tls_server.c, tls/tls_misc.c.
+ proto/TLS_README.html, tls/tls.h, tls/tls_server.c,
+ tls/tls_misc.c.
+
+20181110
+
+ Documentation: update documentation for Postfix versions
+ that support disabling TLS 1.3. File: proto/postconf.proto.
versions of Postfix ≥ 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
versions of Postfix ≥ 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2"</p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
"TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> Example: </p>
versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
"TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
versions of Postfix >= 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2".
.PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3".
.PP
At the dane and
versions of Postfix >= 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2"
.PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3".
.PP
To include a protocol list its name, to exclude it, prefix the name
versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
"TLSv1.2".
.PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3".
.PP
Example:
versions of Postfix >= 2.10 can disable support for "TLSv1.1" or
"TLSv1.2".
.PP
-OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix >= 3.4,
+OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+>= 3.4 (or patch releases >= 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3".
.PP
To include a protocol list its name, to exclude it, prefix the name
versions of Postfix ≥ 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
"TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> Example: </p>
versions of Postfix ≥ 2.10 can explicitly disable support for
"TLSv1.1" or "TLSv1.2"</p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
versions of Postfix ≥ 2.10 can disable support for "TLSv1.1" or
"TLSv1.2". </p>
-<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix ≥ 3.4,
+<p> OpenSSL 1.1.1 introduces support for "TLSv1.3". With Postfix
+≥ 3.4 (or patch releases ≥ 3.0.14, 3.1.10, 3.2.7 and 3.3.2)
this can be disabled, if need be, via "!TLSv1.3". </p>
<p> To include a protocol list its name, to exclude it, prefix the name
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20181104"
-#define MAIL_VERSION_NUMBER "3.3.2-RC1"
+#define MAIL_RELEASE_DATE "20181110"
+#define MAIL_VERSION_NUMBER "3.3.2-RC2"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
projects / thirdparty / postfix.git / commitdiff
