pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail/sendmail812 Update sendmail (with vendor patch) t...
details: https://anonhg.NetBSD.org/pkgsrc/rev/8407ab103f76
branches: trunk
changeset: 510024:8407ab103f76
user: tv <tv%pkgsrc.org@localhost>
date: Wed Mar 22 21:19:06 2006 +0000
description:
Update sendmail (with vendor patch) to address the current security issue:
http://www.kb.cert.org/vuls/id/834865
Bump to nb2.
This will change the internal version of sendmail to 8.12.11.20060308.
> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
diffstat:
mail/sendmail812/Makefile | 4 ++--
mail/sendmail812/Makefile.common | 5 ++++-
mail/sendmail812/distinfo | 5 ++++-
3 files changed, 10 insertions(+), 4 deletions(-)
diffs (51 lines):
diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/Makefile
--- a/mail/sendmail812/Makefile Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/Makefile Wed Mar 22 21:19:06 2006 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.7 2005/12/29 06:21:53 jlam Exp $
+# $NetBSD: Makefile,v 1.8 2006/03/22 21:19:06 tv Exp $
.include "options.mk"
.include "../../mail/sendmail812/Makefile.common"
PKGNAME= sendmail-${DIST_VERS}
-PKGREVISION= 1
+PKGREVISION= 2
COMMENT= The well known Mail Transport Agent
CONFLICTS+= postfix-[0-9]* fastforward>=0.51nb2
diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/Makefile.common
--- a/mail/sendmail812/Makefile.common Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/Makefile.common Wed Mar 22 21:19:06 2006 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.9 2005/12/05 20:50:35 rillig Exp $
+# $NetBSD: Makefile.common,v 1.10 2006/03/22 21:19:06 tv Exp $
#
# Makefile fragment shared with libmilter
#
@@ -9,6 +9,9 @@
ftp://ftp.fu-berlin.de/pub/unix/mail/sendmail/ \
ftp://ftp.kyoto.wide.ad.jp/pub/mail/sendmail/
+PATCH_SITES= ${MASTER_SITES}
+PATCHFILES= 8.12.11.p0
+
MAINTAINER= adrianp%NetBSD.org@localhost
HOMEPAGE= http://www.sendmail.org/
diff -r 744339f7e4bc -r 8407ab103f76 mail/sendmail812/distinfo
--- a/mail/sendmail812/distinfo Wed Mar 22 21:13:42 2006 +0000
+++ b/mail/sendmail812/distinfo Wed Mar 22 21:19:06 2006 +0000
@@ -1,8 +1,11 @@
-$NetBSD: distinfo,v 1.3 2005/09/08 22:32:39 abs Exp $
+$NetBSD: distinfo,v 1.4 2006/03/22 21:19:06 tv Exp $
SHA1 (sendmail.8.12.11.tar.gz) = ce1ba0e50740c548f8555f1a905d8514e6637f95
RMD160 (sendmail.8.12.11.tar.gz) = a80ceccbe3425ea01ce6cb89f2226f83b3562b64
Size (sendmail.8.12.11.tar.gz) = 1899112 bytes
+SHA1 (8.12.11.p0) = aeef47bf434c13d91ba1c1e777cf81a2ba283290
+RMD160 (8.12.11.p0) = 267afdf9abc4636d0750bddf3b7bd16fe9b2fd5b
+Size (8.12.11.p0) = 71804 bytes
SHA1 (patch-aa) = cf9a68f5e6d6fd6e13a806a7d1e6ebab18fc9c6f
SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa
SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27
Home |
Main Index |
Thread Index |
Old Index