From: Wietse Z Venema Date: Tue, 25 Nov 2025 05:00:00 +0000 (-0500) Subject: postfix-3.9.7 X-Git-Tag: v3.9.7^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1e05a99ae196ad474664d1668dc3492b0ee39174;p=thirdparty%2Fpostfix.git postfix-3.9.7 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index ba062204b..8322a4be7 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -28239,3 +28239,15 @@ Apologies for any names omitted. with "database X is older than source file Y". Files: util/dict.c, util/dict_db.c, util/dict_dbm.c, util/dict_lmdb.c, util/dict_sdbm.c. + +20251028 + + Documentation: removed incorrect text from the parameter + description for smtp_cname_overrides_servername. File: + proto/postconf.proto. + +20251120 + + Bugfix (defect introduced: Postfix 2.9, date: 20120307): + segfault with duplicate parameter name in "postconf -X" or + "postconf -#'. File: postconf/postconf_edit.c. diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index fbd317a86..d012b8d17 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -11229,10 +11229,6 @@ false hostname information in DNS CNAME records, and makes SASL password file lookups more predictable. This is the default setting as of Postfix 2.3.

-

When DNS CNAME records are validated with secure DNS lookups -(smtp_dns_support_level = dnssec), they are always allowed to -override the above servername (Postfix 2.11 and later).

-

This feature is available in Postfix 2.2.9 and later.

diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index d6e333c9d..d8038c327 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -7202,10 +7202,6 @@ false hostname information in DNS CNAME records, and makes SASL password file lookups more predictable. This is the default setting as of Postfix 2.3. .PP -When DNS CNAME records are validated with secure DNS lookups -(smtp_dns_support_level = dnssec), they are always allowed to -override the above servername (Postfix 2.11 and later). -.PP This feature is available in Postfix 2.2.9 and later. .SH smtp_connect_timeout (default: 30s) The Postfix SMTP client time limit for completing a TCP connection, or diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 023b1eef2..abd3924cb 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -11312,10 +11312,6 @@ false hostname information in DNS CNAME records, and makes SASL password file lookups more predictable. This is the default setting as of Postfix 2.3.

-

When DNS CNAME records are validated with secure DNS lookups -(smtp_dns_support_level = dnssec), they are always allowed to -override the above servername (Postfix 2.11 and later).

-

This feature is available in Postfix 2.2.9 and later.

%PARAM lmtp_cname_overrides_servername yes diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index efe069408..9a46e6322 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20251026" -#define MAIL_VERSION_NUMBER "3.9.6" +#define MAIL_RELEASE_DATE "20251125" +#define MAIL_VERSION_NUMBER "3.9.7" #ifdef SNAPSHOT #define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/postconf/postconf_edit.c b/postfix/src/postconf/postconf_edit.c index 642965817..2808290bf 100644 --- a/postfix/src/postconf/postconf_edit.c +++ b/postfix/src/postconf/postconf_edit.c @@ -209,8 +209,10 @@ void pcf_edit_main(int mode, int argc, char **argv) msg_panic("pcf_edit_main: unknown mode %d", mode); } if ((cvalue = htable_find(table, pattern)) != 0) { - msg_warn("ignoring earlier request: '%s = %s'", - pattern, cvalue->value); + if (edit_value && cvalue->value + && strcmp(edit_value, cvalue->value) != 0) + msg_warn("ignoring earlier request: '%s = %s'", + pattern, cvalue->value); htable_delete(table, pattern, myfree); } cvalue = (struct cvalue *) mymalloc(sizeof(*cvalue));