source-changes: CVS commit: [netbsd-1-6] src/gnu/dist/sendmail/sendmail

Subject: CVS commit: [netbsd-1-6] src/gnu/dist/sendmail/sendmail
To: None <source-changes@netbsd.org>
From: Matthias Scheler <tron@netbsd.org>
List: source-changes
Date: 03/30/2003 01:18:35

Module Name:	src
Committed By:	tron
Date:		Sat Mar 29 23:18:35 UTC 2003

Modified Files:
	src/gnu/dist/sendmail/sendmail [netbsd-1-6]: conf.c parseaddr.c
	    version.c

Log Message:
Apply sendmail security patch (requested by atatat in ticket #1237):

Fix a buffer overflow in address parsing due to a char to int
conversion problem which is potentially remotely exploitable.
Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to data
that it receives from untrusted sources, which includes DNS.


To generate a diff of this commit:
cvs rdiff -r1.14 -r1.14.2.1 src/gnu/dist/sendmail/sendmail/conf.c
cvs rdiff -r1.8.2.1 -r1.8.2.2 src/gnu/dist/sendmail/sendmail/parseaddr.c
cvs rdiff -r1.10 -r1.10.2.1 src/gnu/dist/sendmail/sendmail/version.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.