diff --git a/postfix/HISTORY b/postfix/HISTORY
index 268d9d624..fd448c4ff 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -19618,3 +19618,26 @@ Apologies for any names omitted.
 	Cleanup: revert the workaround that places headers inserted
 	with PREPEND actions or policy requests BELOW Postfix's own
 	Received: message header. File: smtpd/smtpd.c.
+
+20141025
+
+	Bugfix (introduced: Postfix 2.11): core dump when
+	smtp_policy_maps specifies an invalid TLS level. Viktor
+	Dukhovni. File: smtp/smtp_tls_policy.c.
+
+20150106
+
+	Robustness: don't segfault due to excessive recursion after
+	a faulty configuration runs into the virtual_alias_recursion_limit.
+	File: global/tok822_tree.c.
+
+20150115
+
+	Safety: stop aliasing loops that exponentially increase the
+	address length with each iteration. Back-ported from Postfix
+	3.0. File: cleanup/cleanup_map1n.c.
+
+20150117
+
+	Cleanup: missing " in \%s\" in postconf(1) fatal error
+	messages. Iain Hibbert. File: postconf/postconf_master.c.
diff --git a/postfix/src/cleanup/cleanup_map1n.c b/postfix/src/cleanup/cleanup_map1n.c
index 7f9919466..c5d17f4e4 100644
--- a/postfix/src/cleanup/cleanup_map1n.c
+++ b/postfix/src/cleanup/cleanup_map1n.c
@@ -139,6 +139,15 @@ ARGV   *cleanup_map1n_internal(CLEANUP_STATE *state, const char *addr,
 	    if ((lookup = mail_addr_map(maps, STR(state->temp1), propagate)) != 0) {
 		saved_lhs = mystrdup(argv->argv[arg]);
 		for (i = 0; i < lookup->argc; i++) {
+		    if (strlen(lookup->argv[i]) > var_line_limit) {
+			msg_warn("%s: unreasonable %s result %.300s... -- "
+				 "message not accepted, try again later",
+			     state->queue_id, maps->title, lookup->argv[i]);
+			state->errs |= CLEANUP_STAT_DEFER;
+			UPDATE(state->reason, "4.6.0 Alias expansion error");
+			UNEXPAND(argv, addr);
+			RETURN(argv);
+		    }
 		    unquote_822_local(state->temp1, lookup->argv[i]);
 		    if (i == 0) {
 			UPDATE(argv->argv[arg], STR(state->temp1));
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 1754f3bbf..28261e1f2 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20141019"
-#define MAIL_VERSION_NUMBER	"2.11.3"
+#define MAIL_RELEASE_DATE	"20150208"
+#define MAIL_VERSION_NUMBER	"2.11.4"
 
 #ifdef SNAPSHOT
 #define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/global/tok822_tree.c b/postfix/src/global/tok822_tree.c
index 16cec946a..48d9d897c 100644
--- a/postfix/src/global/tok822_tree.c
+++ b/postfix/src/global/tok822_tree.c
@@ -259,11 +259,12 @@ TOK822 *tok822_sub_keep_after(TOK822 *t1, TOK822 *t2)
 
 TOK822 *tok822_free_tree(TOK822 *tp)
 {
-    if (tp) {
-	if (tp->next)
-	    tok822_free_tree(tp->next);
+    TOK822 *next;
+
+    for (/* void */; tp != 0; tp = next) {
 	if (tp->head)
 	    tok822_free_tree(tp->head);
+	next = tp->next;
 	tok822_free(tp);
     }
     return (0);
diff --git a/postfix/src/postconf/postconf_master.c b/postfix/src/postconf/postconf_master.c
index c409fedb7..21ade5574 100644
--- a/postfix/src/postconf/postconf_master.c
+++ b/postfix/src/postconf/postconf_master.c
@@ -273,7 +273,7 @@ static void pcf_check_master_entry(ARGV *argv, const char *raw_text)
     for (field = PCF_MASTER_FLD_PRIVATE; field <= PCF_MASTER_FLD_CHROOT; field++) {
 	cp = argv->argv[field];
 	if (cp[1] != 0 || strchr(pcf_valid_bool_types, *cp) == 0)
-	    pcf_fix_fatal("invalid %s field \%s\" in \"%s\"",
+	    pcf_fix_fatal("invalid %s field \"%s\" in \"%s\"",
 			  pcf_str_field_pattern(field), cp, raw_text);
     }
 
@@ -282,12 +282,12 @@ static void pcf_check_master_entry(ARGV *argv, const char *raw_text)
     if (len > 0 && cp[len - 1] == '?')
 	len--;
     if (!(cp[0] == '-' && len == 1) && strspn(cp, "0123456789") != len)
-	pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \%s\" in \"%s\"",
+	pcf_fix_fatal("invalid " PCF_MASTER_NAME_WAKEUP " field \"%s\" in \"%s\"",
 		      cp, raw_text);
 
     cp = argv->argv[PCF_MASTER_FLD_MAXPROC];
     if (strcmp("-", cp) != 0 && cp[strspn(cp, "0123456789")] != 0)
-	pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \%s\" in \"%s\"",
+	pcf_fix_fatal("invalid " PCF_MASTER_NAME_MAXPROC " field \"%s\" in \"%s\"",
 		      cp, raw_text);
 }
 
diff --git a/postfix/src/smtp/smtp_tls_policy.c b/postfix/src/smtp/smtp_tls_policy.c
index f280810e1..b4c61e968 100644
--- a/postfix/src/smtp/smtp_tls_policy.c
+++ b/postfix/src/smtp/smtp_tls_policy.c
@@ -516,9 +516,11 @@ static void *policy_create(const char *unused_key, void *context)
     switch (site_level) {
     default:
 	tls->level = site_level;
+	/* FALLTHROUGH */
     case TLS_LEV_NOTFOUND:
 	break;
     case TLS_LEV_INVALID:
+	tls->level = site_level;
 	return ((void *) tls);
     }