diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-23 02:48:56 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-12-23 13:30:45 +0100 |
commit | d46ef1440f426d37b8e6935991e5c5808e558d66 (patch) | |
tree | a77e740580aa496881bdff4b765b7f6711beb742 /ChangeLog.txt | |
parent | 7bbe71feeaf755f8126ea2880faa06c2f520eeaf (diff) | |
download | current-d46ef1440f426d37b8e6935991e5c5808e558d66.tar.gz current-d46ef1440f426d37b8e6935991e5c5808e558d66.tar.xz |
Sat Dec 23 02:48:56 UTC 202320231223024856_15.0
patches/packages/glibc-zoneinfo-2023d-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/postfix-3.6.13-x86_64-1_slack15.0.txz: Upgraded.
Security: this release adds support to defend against an email spoofing
attack (SMTP smuggling) on recipients at a Postfix server. Sites
concerned about SMTP smuggling attacks should enable this feature on
Internet-facing Postfix servers. For compatibility with non-standard
clients, Postfix by default excludes clients in mynetworks from this
countermeasure.
The recommended settings are:
# Optionally disconnect remote SMTP clients that send bare newlines,
# but allow local clients with non-standard SMTP implementations
# such as netcat, fax machines, or load balancer health checks.
#
smtpd_forbid_bare_newline = yes
smtpd_forbid_bare_newline_exclusions = $mynetworks
The smtpd_forbid_bare_newline feature is disabled by default.
For more information, see:
https://www.postfix.org/smtp-smuggling.html
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 8078d4793..05163028f 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,25 @@ +Sat Dec 23 02:48:56 UTC 2023 +patches/packages/glibc-zoneinfo-2023d-noarch-1_slack15.0.txz: Upgraded. + This package provides the latest timezone updates. +patches/packages/postfix-3.6.13-x86_64-1_slack15.0.txz: Upgraded. + Security: this release adds support to defend against an email spoofing + attack (SMTP smuggling) on recipients at a Postfix server. Sites + concerned about SMTP smuggling attacks should enable this feature on + Internet-facing Postfix servers. For compatibility with non-standard + clients, Postfix by default excludes clients in mynetworks from this + countermeasure. + The recommended settings are: + # Optionally disconnect remote SMTP clients that send bare newlines, + # but allow local clients with non-standard SMTP implementations + # such as netcat, fax machines, or load balancer health checks. + # + smtpd_forbid_bare_newline = yes + smtpd_forbid_bare_newline_exclusions = $mynetworks + The smtpd_forbid_bare_newline feature is disabled by default. + For more information, see: + https://www.postfix.org/smtp-smuggling.html + (* Security fix *) ++--------------------------+ Thu Dec 21 20:46:11 UTC 2023 extra/php81/php81-8.1.27-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. |