symlink itself is owned by root). This change will break
legitimate configurations that deliver mail to a symbolic
link in a directory with less restrictive permissions.
+
+20080826
+
+ Bugfix (introduced Postfix 2.4): epoll file descriptor leak.
+ With Postfix >= 2.4 on Linux >= 2.6, Postfix has an epoll
+ file descriptor leak when it executes non-Postfix commands
+ in, for example, user-controlled $HOME/.forward files. A
+ local user can access a leaked epoll file descriptor to
+ implement a denial of service attack on Postfix. Data
+ confidentiality and integrity are not affected. File:
+ util/events.c.
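Review bot: The new 20080826 entry describes the leak only for epoll ("With Postfix >= 2.4 on Linux >= 2.6"), yet the util/events.c change in this same patch also sets close-on-exec on the /dev/poll descriptor. The entry should either say that the /dev/poll handle gets the same treatment or state that the leak did not matter there, so that readers on /dev/poll platforms can tell whether they are affected.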
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20080814"
-#define MAIL_VERSION_NUMBER "2.5.4"
+#define MAIL_RELEASE_DATE "20080902"
+#define MAIL_VERSION_NUMBER "2.5.5"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
#define EVENT_REG_INIT_HANDLE(er, n) do { \
er = event_pollfd = open("/dev/poll", O_RDWR); \
+ if (event_pollfd >= 0) close_on_exec(event_pollfd, CLOSE_ON_EXEC); \
} while (0)
#define EVENT_REG_INIT_TEXT "open /dev/poll"
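Review bot: The added `close_on_exec(event_pollfd, CLOSE_ON_EXEC)` line in the /dev/poll macro carries no comment saying why the handle must not survive an exec. A one-line comment above the macro, noting that the descriptor would otherwise be inherited by non-Postfix commands (the case the HISTORY entry describes), would keep a later cleanup from dropping the call as redundant.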
#define EVENT_REG_INIT_HANDLE(er, n) do { \
er = event_epollfd = epoll_create(n); \
+ if (event_epollfd >= 0) close_on_exec(event_epollfd, CLOSE_ON_EXEC); \
} while (0)
#define EVENT_REG_INIT_TEXT "epoll_create"
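Review bot: In the epoll macro the flag is set in a second step after `epoll_create(n)` returns, so the descriptor is inheritable for the interval between the two calls. That is acceptable as long as nothing can fork and exec in between, and that assumption is worth stating in a comment. On kernels that provide `epoll_create1(EPOLL_CLOEXEC)`, the descriptor can be created with the flag already set, which removes the interval altogether.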