summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2023-12-23 02:48:56 +0000
committer Eric Hameleers <alien@slackware.com>2023-12-23 04:30:41 +0100
commit2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae (patch)
treed53b16e8dedb949eec78c45ca27b5c89308a6ec4 /ChangeLog.txt
parent6011a48b2a96356beb8a567ee93b7fe8c87ace50 (diff)
downloadcurrent-2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae.tar.gz
current-2b78642fcc7ee3ea7d7cb8cc7cb750029f30cdae.tar.xz
Sat Dec 23 02:48:56 UTC 202320231223024856
a/glibc-zoneinfo-2023d-noarch-1.txz: Upgraded. This package provides the latest timezone updates. l/libsass-3.6.6-x86_64-1.txz: Upgraded. n/postfix-3.8.4-x86_64-1.txz: Upgraded. Security: this release adds support to defend against an email spoofing attack (SMTP smuggling) on recipients at a Postfix server. Sites concerned about SMTP smuggling attacks should enable this feature on Internet-facing Postfix servers. For compatibility with non-standard clients, Postfix by default excludes clients in mynetworks from this countermeasure. The recommended settings are: # Optionally disconnect remote SMTP clients that send bare newlines, # but allow local clients with non-standard SMTP implementations # such as netcat, fax machines, or load balancer health checks. # smtpd_forbid_bare_newline = yes smtpd_forbid_bare_newline_exclusions = $mynetworks The smtpd_forbid_bare_newline feature is disabled by default. For more information, see: https://www.postfix.org/smtp-smuggling.html (* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt23
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index a770ce1d4..7a8fd9102 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,26 @@
+Sat Dec 23 02:48:56 UTC 2023
+a/glibc-zoneinfo-2023d-noarch-1.txz: Upgraded.
+ This package provides the latest timezone updates.
+l/libsass-3.6.6-x86_64-1.txz: Upgraded.
+n/postfix-3.8.4-x86_64-1.txz: Upgraded.
+ Security: this release adds support to defend against an email spoofing
+ attack (SMTP smuggling) on recipients at a Postfix server. Sites
+ concerned about SMTP smuggling attacks should enable this feature on
+ Internet-facing Postfix servers. For compatibility with non-standard
+ clients, Postfix by default excludes clients in mynetworks from this
+ countermeasure.
+ The recommended settings are:
+ # Optionally disconnect remote SMTP clients that send bare newlines,
+ # but allow local clients with non-standard SMTP implementations
+ # such as netcat, fax machines, or load balancer health checks.
+ #
+ smtpd_forbid_bare_newline = yes
+ smtpd_forbid_bare_newline_exclusions = $mynetworks
+ The smtpd_forbid_bare_newline feature is disabled by default.
+ For more information, see:
+ https://www.postfix.org/smtp-smuggling.html
+ (* Security fix *)
++--------------------------+
Thu Dec 21 20:46:11 UTC 2023
n/iw-6.7-x86_64-1.txz: Upgraded.
n/php-8.3.1-x86_64-1.txz: Upgraded.