Bug#925418: marked as done (unblock: postfix/3.4.4-1)

To: Ivo De Decker <ivodd@respighi.debian.org>
Subject: Bug#925418: marked as done (unblock: postfix/3.4.4-1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 30 Mar 2019 16:42:13 +0000
Message-id: <[🔎] handler.925418.D925418.155396393321609.ackdone@bugs.debian.org>
Reply-to: 925418@bugs.debian.org
References: <E1hAH0K-0006K4-Vx@respighi.debian.org> <[🔎] 20190324200402.18264.15906.reportbug@kitterma-E6430>

Your message dated Sat, 30 Mar 2019 16:38:48 +0000
with message-id <E1hAH0K-0006K4-Vx@respighi.debian.org>
and subject line unblock postfix
has caused the Debian Bug report #925418,
regarding unblock: postfix/3.4.4-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
925418: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925418
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: postfix/3.4.4-1
From: Scott Kitterman <debian@kitterman.com>
Date: Sun, 24 Mar 2019 16:04:02 -0400
Message-id: <[🔎] 20190324200402.18264.15906.reportbug@kitterma-E6430>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package postfix

About the time we were switching to postfix 3.4 in Buster there were a series
of bug reports/updates from upstream.  The first one (3.4.1 was caught in the
transition from experimental to unstable/buster.  I decided to wait and see
how things went upstream before uploading/asking for another unblock.

It looks like things have calmed down, so I'd like to get 3.4.4 into buster to
address several bugs, two of which are significant.  Since this is a post-
freeze bugfix update, I've taken to using the same level of detail in debian/
changelog that I've used for the stretch pu uploads that we've been doing
(3.1.6, 3.1.8, and 3.1.9).

These are all good bug fixes to have.  The broken DANE trust anchor file
support is a serious regression in it's own right and the
reject_multi_recipient_bounce bug, while not new, seems to be more frequent or
more visible with BDAT.

Thanks for considering,

Scott K

unblock postfix/3.4.4-1

diff -Nru postfix-3.4.1/debian/changelog postfix-3.4.4/debian/changelog
--- postfix-3.4.1/debian/changelog	2019-03-07 21:51:20.000000000 -0500
+++ postfix-3.4.4/debian/changelog	2019-03-24 15:35:12.000000000 -0400
@@ -1,3 +1,31 @@
+postfix (3.4.4-1) unstable; urgency=medium
+
+  [Wietse Venema]
+
+  * 3.4.2
+    - Bugfix (introduced: 20181226): broken DANE trust anchor
+      file support, caused by left-over debris from the 20181226
+      TLS library overhaul. Scott Kitterman. File: tls/tls_dane.c.
+      Closes: #924183
+    - Bugfix (introduced: Postfix-1.0.1): null pointer read, while
+      logging a warning after a corrupted bounce log file. File:
+      global/bounce_log.c.
+    - Bugfix (introduced: Postfix-2.9.0): null pointer read, while
+      logging a warning after a postscreen_command_filter read
+      error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
+  * 3.4.3
+    - Bitrot: LINUX5s support, after some sanity checks with a
+      rawhide prerelease version. Files: makedefs, util/sys_defs.h.
+      Closes: #922477
+  * 3.4.4
+    - Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
+      has been producing false rejects starting with the Postfix
+      2.2 smtpd_end_of_data_restrictons, and for the same reasons,
+      does the same with the Postfix 3.4 BDAT command. The latter
+      was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
+
+ -- Scott Kitterman <scott@kitterman.com>  Sun, 24 Mar 2019 15:28:00 -0400
+
 postfix (3.4.1-1) unstable; urgency=medium
 
   [Scott Kitterman]
diff -Nru postfix-3.4.1/HISTORY postfix-3.4.4/HISTORY
--- postfix-3.4.1/HISTORY	2019-03-07 19:08:17.000000000 -0500
+++ postfix-3.4.4/HISTORY	2019-03-14 19:57:12.000000000 -0400
@@ -24169,3 +24169,29 @@
 	the same filename for a private key and certificate. Reported
 	by Mike Kazantsev. Fix by Viktor Dukhovni. Wietse fixed the
 	test. Files: tls/tls_certkey.c, tls/Makefile.in.
+
+20190310
+
+	Bitrot: LINUX5s support, after some sanity checks with a
+	rawhide prerelease version. Files: makedefs, util/sys_defs.h.
+
+	Bugfix (introduced: 20181226): broken DANE trust anchor
+	file support, caused by left-over debris from the 20181226
+	TLS library overhaul. By intrigeri. File: tls/tls_dane.c.
+
+	Bugfix (introduced: Postfix-1.0.1): null pointer read, while
+	logging a warning after a corrupted bounce log file. File:
+	global/bounce_log.c.
+
+	Bugfix (introduced: Postfix-2.9.0): null pointer read, while
+	logging a warning after a postscreen_command_filter read
+	error. File: postscreen/postscreen_smtpd.c. global/bounce_log.c
+
+20190312
+
+	Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce
+	has been producing false rejects starting with the Postfix
+	2.2 smtpd_end_of_data_restrictons, and for the same reasons,
+	does the same with the Postfix 3.4 BDAT command. The latter
+	was reported by Andreas Schulze. File: smtpd/smtpd_check.c.
+
diff -Nru postfix-3.4.1/makedefs postfix-3.4.4/makedefs
--- postfix-3.4.1/makedefs	2019-02-10 18:11:21.000000000 -0500
+++ postfix-3.4.4/makedefs	2019-03-10 19:42:59.000000000 -0400
@@ -557,7 +557,7 @@
 		: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
 		: ${PLUGIN_LD="${CC-gcc} -shared"}
 		;;
-  Linux.[34].*)	SYSTYPE=LINUX$RELEASE_MAJOR
+ Linux.[345].*)	SYSTYPE=LINUX$RELEASE_MAJOR
 		case "$CCARGS" in
 		 *-DNO_DB*) ;;
 		 *-DHAS_DB*) ;;
diff -Nru postfix-3.4.1/src/global/bounce_log.c postfix-3.4.4/src/global/bounce_log.c
--- postfix-3.4.1/src/global/bounce_log.c	2014-12-06 20:35:33.000000000 -0500
+++ postfix-3.4.4/src/global/bounce_log.c	2019-03-10 17:08:20.000000000 -0400
@@ -264,7 +264,7 @@
 	recipient = cp + 1;
 	if ((cp = strstr(recipient, ">: ")) == 0) {
 	    msg_warn("%s: malformed record: %.30s...",
-		     VSTREAM_PATH(bp->fp), cp);
+		     VSTREAM_PATH(bp->fp), recipient - 1);
 	    continue;
 	}
 	*cp = 0;
diff -Nru postfix-3.4.1/src/global/mail_version.h postfix-3.4.4/src/global/mail_version.h
--- postfix-3.4.1/src/global/mail_version.h	2019-03-07 19:08:42.000000000 -0500
+++ postfix-3.4.4/src/global/mail_version.h	2019-03-14 19:53:55.000000000 -0400
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20190307"
-#define MAIL_VERSION_NUMBER	"3.4.1"
+#define MAIL_RELEASE_DATE	"20190314"
+#define MAIL_VERSION_NUMBER	"3.4.4"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff -Nru postfix-3.4.1/src/postscreen/postscreen_smtpd.c postfix-3.4.4/src/postscreen/postscreen_smtpd.c
--- postfix-3.4.1/src/postscreen/postscreen_smtpd.c	2018-09-03 18:49:28.000000000 -0400
+++ postfix-3.4.4/src/postscreen/postscreen_smtpd.c	2019-03-10 15:41:51.000000000 -0400
@@ -939,7 +939,8 @@
 		vstring_strcpy(state->cmd_buffer, cp);
 	    } else if (psc_cmd_filter->error != 0) {
 		msg_fatal("%s:%s lookup error for \"%.100s\"",
-			  psc_cmd_filter->type, psc_cmd_filter->name, cp);
+			  psc_cmd_filter->type, psc_cmd_filter->name,
+			  STR(state->cmd_buffer));
 	    }
 	}
 
diff -Nru postfix-3.4.1/src/smtpd/smtpd_check.c postfix-3.4.4/src/smtpd/smtpd_check.c
--- postfix-3.4.1/src/smtpd/smtpd_check.c	2018-08-23 09:44:18.000000000 -0400
+++ postfix-3.4.4/src/smtpd/smtpd_check.c	2019-03-12 08:28:20.000000000 -0400
@@ -4583,7 +4583,7 @@
 		status = check_recipient_rcpt_maps(state, state->recipient);
 	} else if (strcasecmp(name, REJECT_MUL_RCPT_BOUNCE) == 0) {
 	    if (state->sender && *state->sender == 0 && state->rcpt_count
-		> (strcmp(state->where, SMTPD_CMD_DATA) ? 0 : 1))
+		> (strcmp(state->where, SMTPD_CMD_RCPT) != 0))
 		status = smtpd_check_reject(state, MAIL_ERROR_POLICY,
 					    var_mul_rcpt_code, "5.5.3",
 				"<%s>: %s rejected: Multi-recipient bounce",
diff -Nru postfix-3.4.1/src/tls/tls_dane.c postfix-3.4.4/src/tls/tls_dane.c
--- postfix-3.4.1/src/tls/tls_dane.c	2019-02-09 20:22:14.000000000 -0500
+++ postfix-3.4.4/src/tls/tls_dane.c	2019-03-10 15:26:20.000000000 -0400
@@ -1125,7 +1125,6 @@
 
 int     tls_dane_load_trustfile(TLS_DANE *dane, const char *tafile)
 {
-#ifdef TRUST_ANCHOR_SUPPORT
     BIO    *bp;
     char   *name = 0;
     char   *header = 0;
@@ -1217,9 +1216,6 @@
     }
     /* Some other PEM read error */
     tls_print_errors();
-#else
-    msg_warn("Trust anchor files not supported");
-#endif
     return (0);
 }
 
diff -Nru postfix-3.4.1/src/util/sys_defs.h postfix-3.4.4/src/util/sys_defs.h
--- postfix-3.4.1/src/util/sys_defs.h	2018-03-04 14:01:27.000000000 -0500
+++ postfix-3.4.4/src/util/sys_defs.h	2019-03-10 12:58:04.000000000 -0400
@@ -749,7 +749,7 @@
  /*
   * LINUX.
   */
-#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4)
+#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5)
 #define SUPPORTED
 #define UINT32_TYPE	unsigned int
 #define UINT16_TYPE	unsigned short

--- End Message ---

--- Begin Message ---

To: 925418-done@bugs.debian.org

Subject: unblock postfix

From: Ivo De Decker <ivodd@respighi.debian.org>

Date: Sat, 30 Mar 2019 16:38:48 +0000

Message-id: <E1hAH0K-0006K4-Vx@respighi.debian.org>
Unblocked postfix.
--- End Message ---

Reply to:

References:
- Bug#925418: unblock: postfix/3.4.4-1
  - From: Scott Kitterman <debian@kitterman.com>

Prev by Date: Processed: Re: unblock: ruby-doorkeeper-openid-connect/1.5.5-1
Next by Date: Processed: Re: Bug#922340: unblock: open-build-service/2.9.4-1
Previous by thread: Processed: Re: Bug#925418: unblock: postfix/3.4.4-1
Next by thread: Bug#924156: RM: openhft-chronicle-wire/1.1.13-1
Index(es):
- Date
- Thread