Merge ~lucaskanashiro/ubuntu/+source/postfix:update-to-version-3.4.11 into ubuntu/+source/postfix:ubuntu/focal-devel
Proposed by
Lucas Kanashiro
Status: | Approved |
---|---|
Approved by: | Lucas Kanashiro |
Approved revision: | b4a96e9bbe9b1ceebb75dd0a24ed6b711c98749b |
Proposed branch: | ~lucaskanashiro/ubuntu/+source/postfix:update-to-version-3.4.11 |
Merge into: | ubuntu/+source/postfix:ubuntu/focal-devel |
Diff against target: |
212 lines (+38/-58) 10 files modified
HISTORY (+9/-0) Makefile.in (+1/-1) debian/changelog (+10/-0) debian/patches/series (+0/-1) dev/null (+0/-51) makedefs (+1/-1) src/dns/dns.h (+4/-0) src/dns/dns_lookup.c (+5/-2) src/dns/dns_str_resflags.c (+6/-0) src/global/mail_version.h (+2/-2) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Lucas Kanashiro (community) | Approve | ||
Bryce Harrington (community) | Needs Fixing | ||
Canonical Server Core Reviewers | Pending | ||
Review via email: mp+385501@code.launchpad.net |
Description of the change
This MP updates postfix to version 3.4.11 in Focal to fix this bug:
https:/
Scott Kitterman proposed this microrelease update (from 3.4.10 to 3.4.11) since the changes are minimal and it was already approved by the Tech Board in the past.
Here is a PPA with the proposed package:
https:/
autopkgtest is still happy:
autopkgtest [10:53:30]: @@@@@@@
postfix PASS
To post a comment you must log in.
* Changelog:
- [√] old content and logical tag match as expected
- [√] changelog entry correct version and targeted codename
- [√] changelog entries correct
- [x] update-maintainer has been run
* Actual changes:
- [x] no upstream changes to consider
- [√] no further upstream version to consider
- [√] debian changes look safe
* Old Delta:
- [√] dropped changes are ok to be dropped
- [√] nothing else to drop
- [√] changes forwarded upstream/debian (if appropriate)
* New Delta: patches/ series
- [-] no new patches added
- [√] patches match what was proposed upstream
- [√] patches correctly included in debian/
- [√] patches have correct DEP3 metadata
* Build/Test:
- [√] build is ok
- [√] verified PPA package installs/uninstalls
- [√] autopkgtest against the PPA package passes
- [√] sanity checks test fine
Don't forget to run update-maintainer
I examined the dropped patch. It looks like some of it still should apply, however it looks like the rationale to include it was purely just to fix a build problem, so I agree if it now builds ok then the need for the patch is gone. So dropping it LGTM.
I didn't attempt to rebuild the package, but I did verify it installs from the PPA into lxc, and I ran the test cases for eoan and focal. The behavior is still a bit different but it appears to work:
root@triage- eoan:/home/ bryce# posttls-finger -t30 -T180 -c -L verbose,summary -w smtp.sdeziel. info:465 smtp.sdeziel. info -> dane-ta. le-authority- x3.sdeziel. info IN TLSA 2 1 1 60:B8:75: 75:44:7D: CB:A2:A3: 6B:7D:11: AC:09:FB: 24:A9:DB: 40:6F:EE: 12:D2:CC: 90:18:05: 17:61:6E: 8A:18 info[24. 212.252. 42]:465 info[24. 212.252. 42]:465: TLS cipher list "aNULL: -aNULL: HIGH:MEDIUM: +RC4:@STRENGTH: !aNULL" info[24. 212.252. 42]:465: depth=1 matched trust anchor public-key sha256 digest= 60:B8:75: 75:44:7D: CB:A2:A3: 6B:7D:11: AC:09:FB: 24:A9:DB: 40:6F:EE: 12:D2:CC: 90:18:05: 17:61:6E: 8A:18 info[24. 212.252. 42]:465: depth=0 chain is trust-anchor signed info[24. 212.252. 42]:465: depth=0 verify=1 subject= /CN=smtp. sdeziel. info info[24. 212.252. 42]:465: subjectAltName: imap.sdeziel.info info[24. 212.252. 42]:465: subjectAltName: mail.sdeziel.info info[24. 212.252. 42]:465: Matched subjectAltName: smtp.sdeziel.info info[24. 212.252. 42]:465 CommonName smtp.sdeziel.info info[24. 212.252. 42]:465: subject_ CN=smtp. sdeziel. info, issuer_CN=Let's Encrypt Authority X3, fingerprint= C9:7A:27: B3:13:62: 4C:ED:5C: C8:CE:6D: 9D:E8:E7: 3A:F2:73: AE:9D, pkey_fingerprin t=59:B1: 2C:D2:78: CD:55:A1: 11:F5:D5: AA:DB:87: 1E:16:00: EC:52:33 info[24. 212.252. 42]:465: TLSv1.3 with cipher TLS_AES_ 256_GCM_ SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
posttls-finger: initializing the client-side TLS engine
posttls-finger: using DANE RR: _465._tcp.
posttls-finger: setting up TLS connection to smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: smtp.sdeziel.
posttls-finger: Verified TLS connection established to smtp.sdeziel.
And on focal:
root@triage-f...