Postfix stable release 3.11.5 and legacy releases 3.10.12, 3.9.13, 3.8.19, 3.7.21, 3.6.19, 3.5.26

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.11.5.html]

This release addresses medium-impact problems that need to be fixed as some enable remote DOS, or local memory corruption.

The fixes below, and more, are also released in the unstable version postfix-3.12-20260706.

In addition to updated releases for the supported Postfix versions 3.8-3.11, releases will also be available for the out-of-support Postfix versions 3.5-3.7. NOTE: these do not include the patches for out-of-support Postfix versions that have been issued for "large SMTP inputs (June 2026)", "TLSA parsing (June 2026)", and "SMTP smuggling fixes". Those patches still need to be applied.

These defects were found by Qualys assisted by Claude Mythos Preview; more than half date from 20 or more years ago. When I implemented Postfix, I knew that there were going to be mistakes. That is the reason why Postfix has its architecture and safety nets. The number of defects may seem large, but consdering that they were found in a code base of some 150 thousand lines, the error rate is still lower than what I designed for.

Denial of service:

Memory corruption:

Other crashes and panic()s:

Other read after free:

Other code hygiene:

Proactive changes:

You can find the updated Postfix source code at the mirrors listed at https://www.postfix.org/.