Subject: CVS commit: [pkgsrc-2006Q1] pkgsrc/mail/sendmail
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 05/22/2006 14:15:27
Module Name:	pkgsrc
Committed By:	salo
Date:		Mon May 22 14:15:27 UTC 2006

Modified Files:
	pkgsrc/mail/sendmail [pkgsrc-2006Q1]: Makefile Makefile.common distinfo
	pkgsrc/mail/sendmail/patches [pkgsrc-2006Q1]: patch-ag
Removed Files:
	pkgsrc/mail/sendmail/patches [pkgsrc-2006Q1]: patch-ai patch-aj
	    patch-ak patch-al

Log Message:
Pullup ticket 1644 - requested by adrianp
sync sendmail with HEAD

Revisions pulled up:
- pkgsrc/mail/sendmail/Makefile			1.87
- pkgsrc/mail/sendmail/Makefile.common		1.34
- pkgsrc/mail/sendmail/distinfo			1.28
- pkgsrc/mail/sendmail/patches/patch-ag		1.12
- pkgsrc/mail/sendmail/patches/patch-ai		removed
- pkgsrc/mail/sendmail/patches/patch-aj		removed
- pkgsrc/mail/sendmail/patches/patch-ak		removed
- pkgsrc/mail/sendmail/patches/patch-al		removed

   Module Name:		pkgsrc
   Committed By:	adrianp
   Date:		Fri May 12 22:23:09 UTC 2006

   Modified Files:
   	pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
   	pkgsrc/mail/sendmail/patches: patch-ag
   Removed Files:
   	pkgsrc/mail/sendmail/patches: patch-ai patch-aj patch-ak patch-al

   Log Message:
   Update to sendmail 8.13.6
   > 8.13.6/8.13.6	2006/03/22
   > 	SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
   > 		and client side of sendmail with timeouts in the libsm I/O
   > 		layer and fix problems in that code.  Also fix handling of
   > 		a buffer in sm_syslog() which could have been used as an
   > 		attack vector to exploit the unsafe handling of
   > 		setjmp(3)/longjmp(3) in combination with signals.
   > 		Problem detected by Mark Dowd of ISS X-Force.
   > 	Handle theoretical integer overflows that could triggered if
   > 		the server accepted headers larger than the maximum
   > 		(signed) integer value.  This is prevented in the default
   > 		configuration by restricting the size of a header, and on
   > 		most machines memory allocations would fail before reaching
   > 		those values.  Problems found by Phil Brass of ISS.
   > 	If a server returns 421 for an RSET command when trying to start
   > 		another transaction in a session while sending mail, do
   > 		not trigger an internal consistency check.  Problem found
   > 		by Allan E Johannesen of Worcester Polytechnic Institute.
   > 	If a server returns a 5xy error code (other than 501) in response
   > 		to a STARTTLS command despite the fact that it advertised
   > 		STARTTLS and that the code is not valid according to RFC
   > 		2487 treat it nevertheless as a permanent failure instead
   > 		of a protocol error (which has been changed to a
   > 		temporary error in 8.13.5).  Problem reported by Jeff
   > 		A. Earickson of Colby College.
   > 	Clear SMTP state after a HELO/EHLO command.  Patch from John
   > 		Myers of Proofpoint.
   > 	Observe MinQueueAge option when gathering entries from the queue
   > 		for sorting etc instead of waiting until the entries are
   > 		processed.  Patch from Brian Fundakowski Feldman.
   > 	Set up TLS session cache to properly handle clients that try to
   > 		resume a stored TLS session.
   > 	Properly count the number of (direct) child processes such that
   > 		a configured value (MaxDaemonChildren) is not exceeded.
   > 		Based on patch from Attila Bruncsak.
   > 	LIBMILTER: Remove superfluous backslash in macro definition
   > 		(libmilter.h).  Based on patch from Mike Kupfer of
   > 		Sun Microsystems.
   > 	LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets.
   > 		This generates an error message from libmilter on
   > 		Solaris, though other systems appear to just discard the
   > 		request silently.
   > 	LIBMILTER: Deal with sigwait(2) implementations that return
   > 		-1 and set errno instead of returning an error code
   > 		directly.  Patch from Chris Adams of HiWAAY Informations
   > 		Services.
   > 	Portability:
   > 		Fix compilation checks for closefrom(3) and statvfs(2)
   > 		in NetBSD.  Problem noted by S. Moonesamy, patch from
   > 		Andrew Brown.


To generate a diff of this commit:
cvs rdiff -r1.84 -r1.84.2.1 pkgsrc/mail/sendmail/Makefile
cvs rdiff -r1.33 -r1.33.2.1 pkgsrc/mail/sendmail/Makefile.common
cvs rdiff -r1.27 -r1.27.2.1 pkgsrc/mail/sendmail/distinfo
cvs rdiff -r1.11 -r1.11.4.1 pkgsrc/mail/sendmail/patches/patch-ag
cvs rdiff -r1.4 -r0 pkgsrc/mail/sendmail/patches/patch-ai
cvs rdiff -r1.1 -r0 pkgsrc/mail/sendmail/patches/patch-aj \
    pkgsrc/mail/sendmail/patches/patch-ak \
    pkgsrc/mail/sendmail/patches/patch-al

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.