Errata overview
Errata ID 68
Date 2018-05-16
Source package postfix
Fixed in version 3.1.8-0+deb9u1
This update addresses the following issues:
* Rewrite debian/postfix-instance-generator to avoid use of postmulti to fix
  failures when inet_interfaces != all.
* DANE support. Postfix builds with OpenSSL 1.0.0 or 1.0.1 failed to send
  email to some sites with "TLSA 2 X X" records associated with an
  intermediate CA certificate.
* Missing dynamicmaps support in the Postfix sendmail command broke
  authorized_submit_users with a dynamically-loaded map type.
* Do not log warnings that some restriction returns OK, when the access map
  DISCARD feature is in effect.
* The DB_CONFIG bugfix broke Berkeley DB configurations with a relative
* Reportedly, some res_query(3) implementation can return -1 with h_errno==0.
  Instead of terminating with a panic, the Postfix DNS client now logs a
  warning and sets h_errno to TRY_AGAIN.
* Missing mailbox seek-to-end error check in the local(8) delivery agent.
* Incorrect mailbox seek-to-end error message in the virtual(8) delivery
Additional notes
UCS Bug number #46636