OpenSMTPD官网安全更新（2023-10-25）

安全更新

OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions. It allows ordinary machines to exchange e-mails with systems speaking the SMTP protocol. It implements a fairly large part of RFC5321 and can already cover a large range of use-cases.<br/><br/>It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, Linux and OSX.<br/><br/>The archives are now available from the main site at [www.OpenSMTPD.org](http://www.opensmtpd.org/)<br/><br/>We would like to thank the OpenSMTPD community for their help in testing the snapshots, reporting bugs, contributing code and packaging for other systems.<br/><br/>This is a major release with multiple bug fixes.<br/><br/><br/>Dependencies note:<br/>==================<br/><br/>This release builds with LibreSSL, or OpenSSL &amp;gt; 1.1.1 optionally with LibreTLS.<br/><br/>It&amp;#039;s preferable to depend on LibreSSL as OpenSMTPD is written and tested with that dependency. OpenSSL library is considered as a best effort target TLS library and provided as a commodity, LibreSSL has become our target TLS library.<br/><br/><br/>Changes in this release:<br/>========================<br/><br/>- Avoid truncation of filtered data lines.<br/> Lines in the email body passed through a filter were truncated to<br/> roughly `LINE_MAX` bytes.<br/><br/>- Allow arguments on `NOOP`.<br/><br/>- Swap `link-auth` filter arguments and bump filter protocol version.<br/> It was ambiguous in the case the user name would contain a &amp;#039;|&amp;#039; character.<br/><br/>- Add Message-ID as needed for messages received on the submission port.<br/> This was dropped during the incoming message parser refactor in 2018.<br/><br/>- Drop ENGINE support.<br/><br/>- Updated the bundled copy of libtls.<br/> This includes the removal of the support for TLS v1.0 and 1.1 as they were &amp;quot;MUST NOT use&amp;quot; for more than two years already.<br/><br/><br/>The neverending cleanup of the -portable layer continued. This includes the complete rework of some parts:<br/><br/>- Rework of the configure script:<br/> + use `AC_SYSTEM_EXTENSIONS`<br/> + better checks for libraries using `AC_SEARCH_LIBS`<br/> + dropped some useless and/or redundant checks<br/> + better checks for functions, shouldn&amp;#039;t yield false-positives<br/> + various simplification to the -portable layer thanks to these<br/> changes<br/><br/>- Simplified the `bootstrap` script.<br/><br/><br/>Checksums:<br/>==========<br/><br/>```<br/>SHA256 (opensmtpd-7.4.0p0.tar.gz) = c181ccc3434a11e583619e00028520d457fe062e34dc03beea358078220ce374<br/>```<br/><br/>Verify:<br/>=======<br/><br/>Starting with version 5.7.1, releases are signed with signify(1).<br/><br/>You can obtain the public key from our website, check with our community that it has not been altered on its way to your machine.<br/><br/> $ wget https://www.opensmtpd.org/archives/opensmtpd-20181026.pub<br/><br/>Once you are confident the key is correct, you can verify the release as described below:<br/><br/>1. download both release tarball and matching signature file to same directory:<br/>```<br/>$ wget https://www.opensmtpd.org/archives/opensmtpd-7.4.0p0.sum.sig<br/>$ wget https://www.opensmtpd.org/archives/opensmtpd-7.4.0p0.tar.gz<br/>```<br/><br/>2. use `signify` to verify that signature file is properly signed and that the checksum matches the release tarball you downloaded:<br/><br/>```<br/>$ signify -C -e -p opensmtpd-20181026.pub -x opensmtpd-7.4.0p0.sum.sig<br/>Signature Verified<br/>opensmtpd-7.4.0p0.tar.gz: OK<br/>```<br/><br/>If you don&amp;#039;t get an OK message, then something is not right and you should not install without first understanding why it failed.<br/><br/><br/>Support:<br/>========<br/><br/>You are encouraged to register to our general purpose mailing-list: http://www.opensmtpd.org/list.html<br/><br/>The &amp;quot;Official&amp;quot; IRC channel for the project is at: `#opensmtpd @ irc.libera.chat`<br/><br/><br/>Support us:<br/>===========<br/><br/>The project is maintained by volunteers, you can support us by:<br/><br/>- donating time to help test development branch during development cycle<br/>- donating money to either one of the OpenBSD or OpenSMTPD project<br/>- sponsoring developers through direct donations or patreon<br/>- sponsoring developers through contracts to write features<br/><br/>Get in touch with us by e-mail or on IRC for more informations.<br/><br/><br/>Reporting Bugs:<br/>===============<br/><br/>Please read http://www.opensmtpd.org/report.html<br/>Security bugs should be reported directly to security@opensmtpd.org<br/>Other bugs may be reported to bugs@opensmtpd.org

暂无

暂无

暂无

暂无

https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.4.0p0