Subject: PR/33821 CVS commit: pkgsrc/mail/sendmail
To: None <tv@NetBSD.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Todd Vierling <tv@netbsd.org>
List: pkgsrc-bugs
Date: 07/07/2006 18:10:03
The following reply was made to PR pkg/33821; it has been noted by GNATS.
From: Todd Vierling <tv@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: PR/33821 CVS commit: pkgsrc/mail/sendmail
Date: Fri, 7 Jul 2006 18:06:28 +0000 (UTC)
Module Name: pkgsrc
Committed By: tv
Date: Fri Jul 7 18:06:28 UTC 2006
Modified Files:
pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
pkgsrc/mail/sendmail/patches: patch-aj
Removed Files:
pkgsrc/mail/sendmail/patches: patch-ak patch-al patch-am
Log Message:
Update to 8.13.7; changelog below. (8.13.6nb3 already had the security
fixes by patch.)
While here, fix PR pkg/33821 by substituting pkgsrc's BINOWN, BINGRP, and
INSTALL definitions into the installed share/sendmail/cf/Makefile.
8.13.7/8.13.7 2006/06/14
A malformed MIME structure with many parts can cause sendmail to
crash while trying to send a mail due to a stack overflow,
e.g., if the stack size is limited (ulimit -s). This
happens because the recursion of the function mime8to7()
was not restricted. The function is called for MIME 8 to
7 bit conversion and also to enforce MaxMimeHeaderLength.
To work around this problem, recursive calls are limited to
a depth of MAXMIMENESTING (20); message content after this
limit is treated as opaque and is not checked further.
Problem noted by Frank Sheiness.
The changes to the I/O layer in 8.13.6 caused a regression for
SASL mechanisms that use the security layer, e.g.,
DIGEST-MD5. Problem noted by Robert Stampfli.
If a timeout occurs while reading a message (during the DATA phase)
a df file might have been left behind in the queue.
This was another side effect of the changes to the I/O
layer made in 8.13.6.
Several minor problems have been fixed that were found by a
Coverity scan of sendmail 8 as part of the NetBSD
distribution. See http://scan.coverity.com/
Note: the scan generated also a lot of "false positives",
e.g., "error" reports about situations that cannot happen.
Most of those code places are marked with lint(1) comments
like NOTREACHED, but Coverity does not understand those.
Hence an explicit assertion has been added in some cases
to avoid those false positives.
If the start of the sendmail daemon fails due to a configuration
error then in some cases shared memory segments or pid
files were not removed.
If DSN support is disabled via access_db, then related ESMTP
parameters for MAIL and RCPT should be rejected. Problem
reported by Akihiro Sagawa.
Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding
bug work-around. Hence if sendmail is linked against
either of these versions and compression is available,
the padding bug work-around is turned off. Based on
patch from Victor Duchovni of Morgan Stanley.
CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used
blackholes.mail-abuse.org as default domain for lookups,
however, that list is no longer available. To avoid
further problems, no default value is available anymore,
but an argument must be specified.
Portability:
Fix compilation on OSF/1 for sfsasl.c. Patch from
Pieter Bowman of the University of Utah.
To generate a diff of this commit:
cvs rdiff -r1.90 -r1.91 pkgsrc/mail/sendmail/Makefile
cvs rdiff -r1.36 -r1.37 pkgsrc/mail/sendmail/Makefile.common
cvs rdiff -r1.30 -r1.31 pkgsrc/mail/sendmail/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/mail/sendmail/patches/patch-aj
cvs rdiff -r1.3 -r0 pkgsrc/mail/sendmail/patches/patch-ak \
pkgsrc/mail/sendmail/patches/patch-al
cvs rdiff -r1.1 -r0 pkgsrc/mail/sendmail/patches/patch-am
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.