FW: Postfix stable release 3.7.2 - interest in updated package?

Jason Pyeron jpyeron@pdinc.us
Thu Apr 28 14:39:56 GMT 2022 

I will prioritize the packaging of this release (see below) based on community interest, otherwise looking at late May.

My task #10403

-Jason

-----Original Message-----
From: Wietse Venema
Sent: Thursday, April 28, 2022 9:23 AM
To: Postfix announce 
Cc: Postfix users 
Subject: Postfix stable release 3.7.2

[An on-line version of this announcement will be available at
https://www.postfix.org/announcements/postfix-3.7.2.html]

This reverts an overly complex change in the postscreen SMTP engine
(made during Postfix 3.7 development), and replaces it with much
simpler code. The bad change was crashing postscreen on some systems
after receiving malformed input (for example, a TLS "hello" message).

Workarounds are at the end of this text.

Under conditions described below, the postscreen program attempted
to read through an uninitialized 'const' pointer. The pointer value
depended on the compiler type and compiler options, but crucially,
it did not depend on network inputs.

The conditions were that 1) postscreen was enabled (not the default),
2) SMTPUTF8 support was enabled (the default), and 3) postscreen
received non-UTF8 input, for example, a TLS or RDP (remote desktop)
handshake request.

Depending on compiler details, the result of the read operation
could be "uninteresting", a combined memory leak and file handle
leak, or a postscreen crash with a segmentation violation (signal
11).

The segmentation violation result was observed by Michael Grimm
while running Postfix 3.7 and 3.8 on a FreeBSD 13.1 pre-release
version, while the result was "uninteresting" with FreeBSD 13.0
(both systems use Clang instead of GCC). The result was also
"uninteresting" on Fedora Linux with GCC, and on a few older systems
with GCC.

Workarounds:

  * Do nothing. On most systems the result is "uninteresting".

  * Do nothing. On systems where postscreen does crash, the crashes
    are rare, harmless, and postscreen restarts immediately when
    an SMTP client connects. On systems where postscreen does leak
    a file handle, it will restart when it reaches a resource limit.

  * Disable postscreen. Follow instructions in
    https://www.postfix.org/POSTSCREEN_README.html#turnoff

You can find the updated Postfix source code at the mirrors listed
at https://www.postfix.org/.

More information about the Cygwin mailing list