Subject: CVS commit: pkgsrc/mail/sendmail
To: None <pkgsrc-changes@NetBSD.org>
From: Adrian Portelli <adrianp@netbsd.org>
List: pkgsrc-changes
Date: 05/12/2006 22:23:09
Module Name: pkgsrc
Committed By: adrianp
Date: Fri May 12 22:23:09 UTC 2006
Modified Files:
pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
pkgsrc/mail/sendmail/patches: patch-ag
Removed Files:
pkgsrc/mail/sendmail/patches: patch-ai patch-aj patch-ak patch-al
Log Message:
Update to sendmail 8.13.6
> 8.13.6/8.13.6 2006/03/22
> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could be triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
> If a server returns 421 for an RSET command when trying to start
> another transaction in a session while sending mail, do
> not trigger an internal consistency check. Problem found
> by Allan E Johannesen of Worcester Polytechnic Institute.
> If a server returns a 5xy error code (other than 501) in response
> to a STARTTLS command despite the fact that it advertised
> STARTTLS and that the code is not valid according to RFC
> 2487, treat it nevertheless as a permanent failure instead
> of a protocol error (which has been changed to a
> temporary error in 8.13.5). Problem reported by Jeff
> A. Earickson of Colby College.
> Clear SMTP state after a HELO/EHLO command. Patch from John
> Myers of Proofpoint.
> Observe MinQueueAge option when gathering entries from the queue
> for sorting etc instead of waiting until the entries are
> processed. Patch from Brian Fundakowski Feldman.
> Set up TLS session cache to properly handle clients that try to
> resume a stored TLS session.
> Properly count the number of (direct) child processes such that
> a configured value (MaxDaemonChildren) is not exceeded.
> Based on patch from Attila Bruncsak.
> LIBMILTER: Remove superfluous backslash in macro definition
> (libmilter.h). Based on patch from Mike Kupfer of
> Sun Microsystems.
> LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets.
> This generates an error message from libmilter on
> Solaris, though other systems appear to just discard the
> request silently.
> LIBMILTER: Deal with sigwait(2) implementations that return
> -1 and set errno instead of returning an error code
> directly. Patch from Chris Adams of HiWAAY Informations
> Services.
> Portability:
> Fix compilation checks for closefrom(3) and statvfs(2)
> in NetBSD. Problem noted by S. Moonesamy, patch from
> Andrew Brown.
To generate a diff of this commit:
cvs rdiff -r1.86 -r1.87 pkgsrc/mail/sendmail/Makefile
cvs rdiff -r1.33 -r1.34 pkgsrc/mail/sendmail/Makefile.common
cvs rdiff -r1.27 -r1.28 pkgsrc/mail/sendmail/distinfo
cvs rdiff -r1.11 -r1.12 pkgsrc/mail/sendmail/patches/patch-ag
cvs rdiff -r1.4 -r0 pkgsrc/mail/sendmail/patches/patch-ai
cvs rdiff -r1.1 -r0 pkgsrc/mail/sendmail/patches/patch-aj \
pkgsrc/mail/sendmail/patches/patch-ak \
pkgsrc/mail/sendmail/patches/patch-al
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.