diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-12-23 02:48:56 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-12-23 04:30:41 +0100 |
| commit | 2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae (patch) | |
| tree | d53b16e8dedb949eec78c45ca27b5c89308a6ec4 /ChangeLog.txt | |
| parent | 6011a48b2a96356beb8a567ee93b7fe8c87ace50 (diff) | |
| download | current-2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae.tar.gz current-2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae.tar.xz | |
Sat Dec 23 02:48:56 UTC 202320231223024856
a/glibc-zoneinfo-2023d-noarch-1.txz: Upgraded.
This package provides the latest timezone updates.
l/libsass-3.6.6-x86_64-1.txz: Upgraded.
n/postfix-3.8.4-x86_64-1.txz: Upgraded.
Security: this release adds support to defend against an email spoofing
attack (SMTP smuggling) on recipients at a Postfix server. Sites
concerned about SMTP smuggling attacks should enable this feature on
Internet-facing Postfix servers. For compatibility with non-standard
clients, Postfix by default excludes clients in mynetworks from this
countermeasure.
The recommended settings are:
# Optionally disconnect remote SMTP clients that send bare newlines,
# but allow local clients with non-standard SMTP implementations
# such as netcat, fax machines, or load balancer health checks.
#
smtpd_forbid_bare_newline = yes
smtpd_forbid_bare_newline_exclusions = $mynetworks
The smtpd_forbid_bare_newline feature is disabled by default.
For more information, see:
https://www.postfix.org/smtp-smuggling.html
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index a770ce1d4..7a8fd9102 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,26 @@ +Sat Dec 23 02:48:56 UTC 2023 +a/glibc-zoneinfo-2023d-noarch-1.txz: Upgraded. + This package provides the latest timezone updates. +l/libsass-3.6.6-x86_64-1.txz: Upgraded. +n/postfix-3.8.4-x86_64-1.txz: Upgraded. + Security: this release adds support to defend against an email spoofing + attack (SMTP smuggling) on recipients at a Postfix server. Sites + concerned about SMTP smuggling attacks should enable this feature on + Internet-facing Postfix servers. For compatibility with non-standard + clients, Postfix by default excludes clients in mynetworks from this + countermeasure. + The recommended settings are: + # Optionally disconnect remote SMTP clients that send bare newlines, + # but allow local clients with non-standard SMTP implementations + # such as netcat, fax machines, or load balancer health checks. + # + smtpd_forbid_bare_newline = yes + smtpd_forbid_bare_newline_exclusions = $mynetworks + The smtpd_forbid_bare_newline feature is disabled by default. + For more information, see: + https://www.postfix.org/smtp-smuggling.html + (* Security fix *) ++--------------------------+ Thu Dec 21 20:46:11 UTC 2023 n/iw-6.7-x86_64-1.txz: Upgraded. n/php-8.3.1-x86_64-1.txz: Upgraded. |