postfix-3.5-20190310

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 134ed0f8bafbde20c6e704c7332e3049041c180f..80134b11f756efc35810fffd001a08786198666e 100644 (file)
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -24179,3 +24179,20 @@ Apologies for any names omitted.
        the same filename for a private key and certificate. Reported
        by Mike Kazantsev. Fix by Viktor Dukhovni. Wietse fixed the
        test. Files: tls/tls_certkey.c, tls/Makefile.in.
+
+20190310
+
+       Bitrot: LINUX5s support, after some sanity checks with a
+       rawhide prerelease version. Files: makedefs, util/sys_defs.h.
+
+       Bugfix (introduced: 20181226): broken DANE trust anchor
+       file support, caused by left-over debris from the 20181226
+       TLS library overhaul. Scott Kitterman. File: tls/tls_dane.c.
+
+       Bugfix (introduced: Postfix-1.0.1): null pointer read, while
+       logging a warning after a corrupted bounce log file. File:
+       global/bounce_log.c.
+
+       Bugfix (introduced: Postfix-2.9.0): null pointer read, while
+       logging a warning after a postscreen_command_filter read
+       error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c

diff --git a/postfix/makedefs b/postfix/makedefs
index 5b16e1fb308ef978fc67b4d1a4e672aaea678d47..c9e50db73b5f13aca5c6ada3390d813f63e2e567 100644 (file)
--- a/postfix/makedefs
+++ b/postfix/makedefs
@@ -557,7 +557,7 @@ EOF
                : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
                : ${PLUGIN_LD="${CC-gcc} -shared"}
                ;;
-  Linux.[34].*)        SYSTYPE=LINUX$RELEASE_MAJOR
+ Linux.[345].*)        SYSTYPE=LINUX$RELEASE_MAJOR
                case "$CCARGS" in
                 *-DNO_DB*) ;;
                 *-DHAS_DB*) ;;

diff --git a/postfix/src/global/bounce_log.c b/postfix/src/global/bounce_log.c
index 6f8f5111ebddb1517e9581b743507e0b706d1a4a..198f2405dffb716d5f9074a967862d673196e984 100644 (file)
--- a/postfix/src/global/bounce_log.c
+++ b/postfix/src/global/bounce_log.c
@@ -264,7 +264,7 @@ BOUNCE_LOG *bounce_log_read(BOUNCE_LOG *bp, RCPT_BUF *rcpt_buf,
        recipient = cp + 1;
        if ((cp = strstr(recipient, ">: ")) == 0) {
            msg_warn("%s: malformed record: %.30s...",
-                    VSTREAM_PATH(bp->fp), cp);
+                    VSTREAM_PATH(bp->fp), recipient - 1);
            continue;
        }
        *cp = 0;

diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 4f1fe07f9f28f1652a3f29e40efc3f77c5e0035a..952a98ed7060f87bfc931ad7d06ebf241aa48e06 100644 (file)
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE      "20190307"
+#define MAIL_RELEASE_DATE      "20190310"
 #define MAIL_VERSION_NUMBER    "3.5"
 
 #ifdef SNAPSHOT

diff --git a/postfix/src/postscreen/postscreen_smtpd.c b/postfix/src/postscreen/postscreen_smtpd.c
index af3525fe72ec39149c9c546cb2cd9636c47833a8..78392072fdc87d18dda8d8ef36f63c60cb1090ae 100644 (file)
--- a/postfix/src/postscreen/postscreen_smtpd.c
+++ b/postfix/src/postscreen/postscreen_smtpd.c
@@ -939,7 +939,8 @@ static void psc_smtpd_read_event(int event, void *context)
                vstring_strcpy(state->cmd_buffer, cp);
            } else if (psc_cmd_filter->error != 0) {
                msg_fatal("%s:%s lookup error for \"%.100s\"",
-                         psc_cmd_filter->type, psc_cmd_filter->name, cp);
+                         psc_cmd_filter->type, psc_cmd_filter->name,
+                         STR(state->cmd_buffer));
            }
        }
 

diff --git a/postfix/src/tls/tls_dane.c b/postfix/src/tls/tls_dane.c
index 93f8e2a520f76b2e672914c17c9de3932b6998be..013426b1197426809fbdea0cd1bddef806bc1a66 100644 (file)
--- a/postfix/src/tls/tls_dane.c
+++ b/postfix/src/tls/tls_dane.c
@@ -1125,7 +1125,6 @@ TLS_DANE *tls_dane_resolve(unsigned port, const char *proto, DNS_RR *hostrr,
 
 int     tls_dane_load_trustfile(TLS_DANE *dane, const char *tafile)
 {
-#ifdef TRUST_ANCHOR_SUPPORT
     BIO    *bp;
     char   *name = 0;
     char   *header = 0;
@@ -1217,9 +1216,6 @@ int     tls_dane_load_trustfile(TLS_DANE *dane, const char *tafile)
     }
     /* Some other PEM read error */
     tls_print_errors();
-#else
-    msg_warn("Trust anchor files not supported");
-#endif
     return (0);
 }
 

diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h
index a8d25712630a576a1bff5a7efb2550cd90118645..39daa16d04eb93f54590902a1eb28eab868b5e1e 100644 (file)
--- a/postfix/src/util/sys_defs.h
+++ b/postfix/src/util/sys_defs.h
@@ -749,7 +749,7 @@ extern int initgroups(const char *, int);
  /*
   * LINUX.
   */
-#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4)
+#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5)
 #define SUPPORTED
 #define UINT32_TYPE    unsigned int
 #define UINT16_TYPE    unsigned short