From 2bde1d73b5ae09f99f48ff7072b5d8ca5d759014 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Mon, 22 Jan 2024 20:57:12 +0000
Subject: Mon Jan 22 20:57:12 UTC 2024

patches/packages/postfix-3.6.14-x86_64-1_slack15.0.txz:  Upgraded.
  Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
  = normalize" (default "no" for Postfix < 3.9), the Postfix
  SMTP server requires the standard End-of-DATA sequence
  <CR><LF>.<CR><LF>, and otherwise allows command or message
  content lines ending in the non-standard <LF>, processing
  them as if the client sent the standard <CR><LF>.
  The alternative setting, "smtpd_forbid_bare_newline = reject"
  will reject any command or message that contains a bare
  <LF>, and is more likely to cause problems with legitimate
  clients.
  For backwards compatibility, local clients are excluded by
  default with "smtpd_forbid_bare_newline_exclusions =
  $mynetworks".
  For more information, see:
    https://www.postfix.org/smtp-smuggling.html
  (* Security fix *)
---
 ChangeLog.txt | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'ChangeLog.txt')

diff --git a/ChangeLog.txt b/ChangeLog.txt
index ace4cd217..ff5bf714c 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,22 @@
+Mon Jan 22 20:57:12 UTC 2024
+patches/packages/postfix-3.6.14-x86_64-1_slack15.0.txz:  Upgraded.
+  Security (inbound SMTP smuggling): with "smtpd_forbid_bare_newline
+  = normalize" (default "no" for Postfix < 3.9), the Postfix
+  SMTP server requires the standard End-of-DATA sequence
+  <CR><LF>.<CR><LF>, and otherwise allows command or message
+  content lines ending in the non-standard <LF>, processing
+  them as if the client sent the standard <CR><LF>.
+  The alternative setting, "smtpd_forbid_bare_newline = reject"
+  will reject any command or message that contains a bare
+  <LF>, and is more likely to cause problems with legitimate
+  clients.
+  For backwards compatibility, local clients are excluded by
+  default with "smtpd_forbid_bare_newline_exclusions =
+  $mynetworks".
+  For more information, see:
+    https://www.postfix.org/smtp-smuggling.html
+  (* Security fix *)
++--------------------------+
 Sun Jan 21 20:50:08 UTC 2024
 extra/tigervnc/tigervnc-1.12.0-x86_64-5_slack15.0.txz:  Rebuilt.
   Recompiled against xorg-server-1.20.14, including the latest patches for
-- 
cgit v1.2.3-65-gdbad