Postfix stable release 2.9.6, and legacy releases 2.8.14, 2.7.13,
2.6.19 are available. They contain fixes and workarounds 
that are also part of Postfix 2.10.

Postfix 2.9:

 Thanks to OpenSSL documentation, the Postfix 2.9.0..2.9.5 
 SMTP client and server used an incorrect procedure to compute
 TLS certificate PUBLIC-KEY fingerprints (these may be used in
 the check_ccert_access and in smtp_tls_policy_maps features).
 Support for certificate PUBLIC-KEY finger prints was introduced
 with Postfix 2.9; there is no known problem with the certificate
 fingerprint algorithms available since Postfix 2.2.

 Specify "tls_legacy_public_key_fingerprints = yes" temporarily,
 pending a migration from configuration files with incorrect
 Postfix 2.9.0..2.9.5 certificate PUBLIC-KEY finger prints,
 to the correct fingerprints used by Postfix 2.9.6 and later.

 See the RELEASE_NOTES file for more details.

All supported releases:

 The postconf(1) master.cf parser didn't support "clusters" of
 daemon command-line option letters.

 The local(8) delivery agent dereferenced a null pointer while
 delivering to null command (for example, "|" in a .forward file).
 Reported by Gilles Chehade.

 A memory leak fix for tls_misc.c was documented but not included.