-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Oct 2019 19:28:19 -0400
Source: postfix
Binary: postfix postfix-ldap postfix-lmdb postfix-cdb postfix-pcre postfix-mysql postfix-pgsql postfix-sqlite postfix-doc
Architecture: all
Version: 3.1.14-0+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Scott Kitterman <scott@kitterman.com>
Description:
 postfix    - High-performance mail transport agent
 postfix-cdb - CDB map support for Postfix
 postfix-doc - Documentation for Postfix
 postfix-ldap - LDAP map support for Postfix
 postfix-lmdb - LMDB map support for Postfix
 postfix-mysql - MySQL map support for Postfix
 postfix-pcre - PCRE map support for Postfix
 postfix-pgsql - PostgreSQL map support for Postfix
 postfix-sqlite - SQLite map support for Postfix
Changes:
 postfix (3.1.14-0+deb9u1) stretch; urgency=medium
 .
   [Wietse Venema]
 .
   * 3.1.13
     - Bugfix (introduced: Postfix 2.3): a censoring filter broke
       multiline Milter responses for header/body events. Problem
       report by Andreas Thienemann. Files: util/printable.c,
       util/stringops.h, smtpd/smtpd.c
     - Workaround for implementations that hang Postfix while
       shutting down a TLS session, until Postfix times out. With
       "tls_fast_shutdown_enable = yes" (the default), Postfix no
       longer waits for the TLS peer to respond to a TLS 'close'
       request. This is recommended with TLSv1.0 and later. Files:
       global/mail_params.h, tls/tls_session.c, and documentation.
     - Bugfix (introduced: Postfix 3.0): the code to reset Postfix
       SMTP server command counts was not called after a HaProxy
       handshake failure, causing stale numbers to be reported.
       The command counts are now reset in the function that reports
       the counts. File: smtpd/smtpd.c
   * 3.1.14
     - Bugfix: the documentation said tls_fast_shutdown_enable,
       but the code said tls_fast_shutdown. Viktor Dukhovni. Changed
       the code because no-one is expected to override the default.
       File: global/mail_params.h.
     - Workaround for poor TCP loopback performance on LINUX, where
       getsockopt(..., TCP_MAXSEG, ..) reports a TCP maximal segment
       size that is 1/2 to 1/3 of the MTU. For example, with kernel
       5.1.16-300.fc30.x86_64 the TCP client and server announce
       an mss of 65495 in the TCP handshake, but getsockopt()
       returns 32741 (less than half). As a matter of principle,
       Postfix won't turn on client-side TCP_NODELAY because that
       hides application performance bugs, and because that still
       suffers from server-side delayed ACKs. Instead, Postfix
       avoids sending "small" writes back-to-back, by choosing a
       VSTREAM buffer size that is a multiple of the reported MSS.
       This workaround bumps the multiplier from 2x to 4x. File:
       util/vstream_tweak.c.
     - Bugfix (introduced: 20051222): the Dovecot client could
       segfault (null pointer read) or cause an SMTP server assertion
       to fail when talking to a fake Dovecot server. The client
       now logs a proper error instead. Problem reported by Tim
       Düsterhus. File: xsasl/xsasl_dovecot_server.c.
     - Bitrot: don't invoke SSL_shutdown() when the SSL engine
       thinks it is processing a TLS handshake. The commit at
       https://github.com/openssl/openssl/commit/64193c8218540499984cd63cda41f3cd491f3f59
       changed the error status, incompatibly, from SSL_ERROR_NONE
       into SSL_ERROR_SSL. File: tlsproxy/tlsproxxy.c.
     - Bugfix (introduced: Postfix-2.9.0): null pointer read, while
       logging a warning after a postscreen_command_filter read
       error. File: postscreen/postscreen_smtpd.c.
Checksums-Sha1:
 40cc46d1adf8d06b7879934d413522880ba377c1 1183006 postfix-doc_3.1.14-0+deb9u1_all.deb
 eadedb42064044065bf0bb2c81a2384fd22d1cb1 7538 postfix_3.1.14-0+deb9u1_all.buildinfo
Checksums-Sha256:
 06e5c8676df09347aa5faece8f9813c45241ebbeb3d587c4b374f4a21198780c 1183006 postfix-doc_3.1.14-0+deb9u1_all.deb
 9ab068bd19bd05fe538d0abddb4774ca9d04a8cdbe0419887922655af5c85e24 7538 postfix_3.1.14-0+deb9u1_all.buildinfo
Files:
 a26b8b788cf7f2580ae903def50dffce 1183006 doc extra postfix-doc_3.1.14-0+deb9u1_all.deb
 4a78f941c485bebc6c2877f8e055caf3 7538 mail extra postfix_3.1.14-0+deb9u1_all.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUT6sJkHnJYUGfmnJQl1fD/W8hvcFAl2jjW4ACgkQQl1fD/W8
hvdpZg/9E22yXr+T3Cc0sSyEL96dV2EPxEf6mh3GKJ9XP/G9QZ6EfcmKgtk6hag/
b6CvEo2x9HMzEaQRbvbgg6L6Ipdzy9V+leQxzdetwxkgC5BjBZCLi/Ja2cFpsv5Q
Whwyo1CLn6KT9m2SU3C389S7lhm69tRQ7B0CJxqjSSg5Fi3ZG6NdFrqpOHrO+aV/
QrIgwdzPr1fsF73h4JXRdv/E3dTIJUO6biOznzBQ/17DWx/nWcJ0TKS08NHjIWqd
dwyg7Lbsc9ZZ0qQmkZ0brNi63lFc+z+9E6hbq25q38kdh2GPhTN06FiJHk09f4q9
n3Q1aUdYwiiqQ/Jfh7E3kyjA2VEVfmhOlVCUiNruCBJ2VhqexFpL1i7JmPE8/ODN
6YrNzXyEJy/nnJd2U+wqPXSGtKE01uujhN+NfkJW61VjPdR0yItcxCZy/HD+Xx06
LRI76SERVWzuWnAbP3En6K6smtdE0px58FUw/Jd1lCn+PfjP7C2nGiWCtrbUzTqZ
6TAz8GtPKZ0cUT1AuX90QPfb+ERf/m/epemWDi5zg4MqCD+2OjpaZ3AcoevVLXCW
LYBSfWaMgsFhHxM68onw1fiKWHlMoUEK4FizlcUm7c2U2eOML1BTNpA0KKws0UFK
T1OiCkrKRI/bXmAmEkWmMw9DDKKdTiQuxBE3HwF+JGFKwBk4KQw=
=/iOC
-----END PGP SIGNATURE-----