This is mostly a security fix release.
See the list of changes since 8.12.8 below.
Package change: always put M4 in MAKE_ENV so we are sure of the one used.
Note: this also update mail/libmilter the same version.
8.12.9/8.12.9 2003/03/29
SECURITY: Fix a buffer overflow in address parsing due to
a char to int conversion problem which is potentially
remotely exploitable. Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to
data that it receives from untrusted sources, which
includes DNS.
To provide partial protection to internal, unpatched sendmail MTAs,
8.12.9 changes by default (char)0xff to (char)0x7f in
headers etc. To turn off this conversion compile with
-DALLOW_255 or use the command line option -d82.101.
To provide partial protection for internal, unpatched MTAs that may be
performing 7->8 or 8->7 bit MIME conversions, the default
for MaxMimeHeaderLength has been changed to 2048/1024.
Note: this does have a performance impact, and it only
protects against frontal attacks from the outside.
To disable the checks and return to pre-8.12.9 defaults,
set MaxMimeHeaderLength to 0/0.
Do not complain about -ba when submitting mail. Problem noted
by Derek Wueppelmann.
Fix compilation with Berkeley DB 1.85 on systems that do not
have flock(2). Problem noted by Andy Harper of Kings
College London.
Properly initialize data structure for dns maps to avoid various
errors, e.g., looping processes. Problem noted by
Maurice Makaay.
CONFIG: Prevent multiple application of rule to add smart host.
Patch from Andrzej Filip.
CONFIG: Fix queue group declaration in MAILER(`usenet').
CONTRIB: buildvirtuser: New option -t builds the virtusertable
text file instead of the database map.
Portability:
Revert wrong change made in 8.12.7 and actually use the
builtin getopt() version in sendmail on Linux.
This can be overridden by using -DSM_CONF_GETOPT=0
in which case the OS supplied version will be used.
Changes by hubertf and seb; these changes tested on NetBSD, Linux and Irix.
Modified Files:
src/usr.sbin/pkg_install/add: perform.c pkg_add.1
Log Message:
Implement remaining TODO item in pkg upgrade (pkg_add -u):
* Upgrade step 1/4: Check if the new version is ok with all pkgs
* (from +REQUIRED_BY) that require this pkg
Inspired by bsd.pkg.mk's upgrade(?) target.
Modified Files:
src/usr.sbin/pkg_install/admin: main.c
src/usr.sbin/pkg_install/info: main.c perform.c
Log Message:
Consistently check findmatchingname() return value for error condition.
Among other this fixes 'pkg_info -e whateverpkg' exit status when
/var/db/pkg is missing: it is now 1 and not 0.
Modified Files:
src/usr.sbin/pkg_install/lib: version.h
Log Message:
Bump to "20030325" after today's changes from seb and me
This contains security problem solved by samba 2.2.8.
pkgsrc changes:
o pkgsrc organization changesd as samba package.
o note explicitly security problem fixed by samba 2.2.8.
o remove own quota support patch.
Changes from ja-samba-2.2.4.1.0 package:
Changelog of Samba2.2 Japanese Edition
Samba Users Group Japan
Here is the fix list of Samba2.2 Japanese Edition.
The sign of each line means:
*: Fix of Samba Japanese Edition only
x: Fix of sending a patch to Samba Team
c: Fix of being commited a patch by Samba Team
samba-2.2.7a-ja-1.1
~~~~~~~~~~~~~~~~~~~
Changes to the original version
c Fixed two security problems which is fixed at samba 2.2.8
[sugj-tech:5211]
samba-2.2.7a-ja-1.0beta1
~~~~~~~~~~~~~~~~~~~~~~~
Changes to the internationalized version
* Fixed build problem when gettext 0.11.x installed [sugj-tech:5177]
* Fixed memory leak of winbindd [sugj-tech:5152]
* Added 'ldap referrals' parameter [sugj-tech:5124]
* Fixed parameter of 'printing' was set on FreeBSD [sugj-tech:5155]
* Fixed reseting parameters of smbd and nmbd by SIGHUP
[sugj-tech:5160]
* Fixed setting change of the 'printing' parameter works together
with print-related parameters [sugj-tech:5155]
* Fixed error message when old getgroups() is used [sugj-tech:5166]
* Fixed warning message when leap second is set [sugj-tech:5166]
* Fixed altname command of smbclient [sugj-tech:5019]
* Fixed close share command of smbcontrol with Japanese
[sugj-tech:5014]
* Fixed compile problem on Tru64 UNIX [sugj-tech:5033]
* Fixed compile problem of tdb directory [sugj-tech:5033]
* Fixed to enable domain logon to Japanese domain name
[sugj-tech:5043]
* Fixed smbspool command with Japanese [sugj-tech:5048,5112]
* Fixed recycle.c of VFS module [samba-jp:13590]
* Fixed memory allocation of make_printerdef [sugj-tech:5106]
* Fixed compile problem before FreeBSD 2.2.8 [sugj-tech:5112]
* Fixed querydispinfo command of rpcclient [sugj-tech:5112]
* Fixed rpcclient for Japanese resource [sugj-tech:5112]
* Changed option of client tools from '-t' to '-T' [sugj-tech:5077]
* Update smbchartool and removed jcode.pl [sugj-tech:5091]
* Fixed encoding when using euc3 coding system [sugj-tech:5122]
samba-2.2.5-ja-1.0beta3
~~~~~~~~~~~~~~~~~~~~~~~
Changes to the internationalized version
* Added %j macro which means printing job name [sugj-tech:4998]
Changes to the original version
* Fixed counting characters of unistr_to_dos() [sugj-tech:5004]
* Fixed compile problem with --with-quotas on NetBSD [sugj-tech:4965]
ChangeLog:
2003-03-29 MAEKAWA Masahide <maekawa@daemon-systems.org>
* 0.17.1
* ANNOUNCE: Public cvsync service
cvsync.allbsd.org provides the distribution and source trees of
FreeBSD, NetBSD, OpenBSD, OpenDarwin, XFree86, and TenDRA via cvsync.
URL: http://www.allbsd.org/#pub-cvsync
* mk/*.mk
Make compile on old BSDs.
2003-03-28 MAEKAWA Masahide <maekawa@daemon-systems.org>
* Fix signed vs unsigned problem.
pages. Normally I wouldn't care, except (a) there don't seem to be
"plaintext" versions and (b) the html that *does* get installed links
to it. Or them, rather.
Bump PKGREVISION accordingly. Reviewed by jlam.
ChangeLog:
2003-03-28 MAEKAWA Masahide <maekawa@daemon-systems.org>
* 0.17.0 is out.
* HEADS UP: Change Collection Exchange Protocol
To make add the new release type easy, the protocol to exchange
collections list is changed.
All servers/clients SHOULD be updated to 0.17.0 or higher.
* Fix a bug to calculate the symbolic link path name length.
(noticed by naddy AT OpenBSD DOT org)
2003-03-27 MAEKAWA Masahide <maekawa@daemon-systems.org>
* New release type: list
Retrieve the collections list provided by the server.
* Scanfile (client)
If the scanfile is specified and that doesn't exist, it's generated
automatically at the stage of loading the configuration file.
- Some bugs in IP Filter support code were found and fixed, whole code,
which works with IP Filter, was rewritten and now has a new design,
which is much simpler for supporting and faster than previous one
- Fixed bug with the global "shutdown" section: when ipa(8) receives
the HUP signal, it destroyed information about commands in the global
"shutdown" section
- Some bugs with memory usage were fixed: ipa(8) and ipastat(8) could
free(3) not allocated chunks of memory
- Fixed several minor bugs in IPv4/v6 Firewall and Packet Filter
support code
2003-03-19 DeleGate/8.5.2 fixes for HTTP-gateway and FTP-proxy with PERMIT (since 8.4.0)
2003-03-14 DeleGate/8.5.1 fixes for SMTP (AUTH PLAIN), DNS and HTTP
2003-03-06 DeleGate/8.5.0 new stable version
2003-03-05 DeleGate/8.4.1 fixes for HTTP / PERMIT (8.4.0), DNS server stall on Win32, etc.
2003-02-19 DeleGate/8.4.0 bind(privileged port) by command, access control by method, etc.
2003-02-21 DeleGate/8.3.4 fixes for forwarding HTTP to MASTER, invoking CFI, VSAP, etc.
2003-01-16 DeleGate/8.3.3 fixes for FTP, NNTP, HTTP, porting to Win32, etc.
2003-01-01 DeleGate/8.3.2 fixed SEGV on heavy load (since 8.2.2) and select() loop on Win32
2002-12-30 DeleGate/8.3.1 fix for making on OS/2 and a fix for "gzip" on Win9X
2002-12-27 DeleGate/8.3.0 new stable version
2002-12-23 DeleGate/8.2.5 SockMux fixes and extension
2002-12-22 DeleGate/8.2.4 SockMux fixes and extension
2002-12-21 DeleGate/8.2.3 SockMux fixes and extension
2002-12-20 DeleGate/8.2.2 introduced SockMux" socket multiplexer protocol
2002-12-12 DeleGate/8.2.1 fixed MOUNT and CFI
2002-12-03 DeleGate/8.2.0 introduced conditional parameter and pseudo host name for AF_UNIX
2002-11-27 DeleGate/8.1.0 new stable version
2002-11-25 DeleGate/8.0.11 changes about HTTP cache and NNTP/HTTP gateway, etc.
2002-11-13 DeleGate/8.0.10 changes for CFI, restarting on configuration error, etc.
2002-11-06 DeleGate/8.0.9 supported HTTP Content-Encoding:gzip to client
2002-11-01 DeleGate/8.0.8 supported HTTP Content-Encoding:gzip from server
2002-10-22 DeleGate/8.0.7 fixes for NNTP and MOUNT
2002-10-11 DeleGate/8.0.6 changes for HostList by host and auth, ext. for ABOR/FTP
2002-10-08 DeleGate/8.0.5 fixes for CFI, PASV/FTP/Socks and extension for ftp://u*h@p
2002-09-30 DeleGate/8.0.4 changed SERVER default, improved restarting on Win32
2002-09-20 DeleGate/8.0.3 fix for SERVER=delegate
2002-09-18 DeleGate/8.0.2 fix for SERVER=delegate
2002-09-17 DeleGate/8.0.1 changes for default configurations (SERVER, etc.) and parameter spec.
2002-09-13 DeleGate/8.0.0 changes for default configurations, CFI extension, Win32 fixes, etc.
2002-09-22 DeleGate/7.9.13 fix for SERVER=delegate
2002-09-08 DeleGate/7.9.12 fixed for FTP proxy auth., buffer overflows, etc.
2002-08-26 DeleGate/7.9.11 fixes for Win32 bugs, CSS vulnerability, etc.
2002-07-20 DeleGate/7.9.10 fixes for HTTP/1.1 Keep-Alive, adaptation to OS/2, Win32, etc.
2002-06-28 DeleGate/7.9.9 extensions for HTTP, -r option, etc.
2002-06-25 DeleGate/7.9.8 fixes for SMTP, HTTP, extensions of HOSTLIST, HTTPCONF, etc
2002-06-18 DeleGate/7.9.7 fixes for Win32 service and AUTHORIZER cache
2002-06-14 DeleGate/7.9.6 fixes for MOUNT, AUTH TLS for FTP, udprelay, etc.
2002-05-22 DeleGate/7.9.5 fixes for freezing on Win32 and reloading by HTTP/1.1
2002-05-07 DeleGate/7.9.4 fixes for WinXP, VSAP, etc.
2002-04-05 DeleGate/7.9.3 fixes for fixes for NNTP, CFI srcipt, SMTP EHLO, IMAP, etc.
2002-03-11 DeleGate/7.9.2 fixes for origin-HTTP, chained DeleGate, Win32 DHCP DNS, etc.
2002-03-04 DeleGate/7.9.1 a fix for 7.9.0 (NNTP/HTTP gateway)
2002-03-04 DeleGate/7.9.0 fixes for logfile on Win32, extension of SRCIF for ftp-data, etc.
2002-02-26 DeleGate/7.8.3 extended SRCIF, SRCIF for FTP data, modified UDP/SOCKS, etc.
2002-02-06 DeleGate/7.8.2 fixes for FTP MOUNT, extension of SRCIF for SOCKS/BIND, etc.
2002-01-05 DeleGate/7.8.1 a fix for FTP proxy
2001-12-28 DeleGate/7.8.0 HOSTLIST, non-anonymous FTP MOUNT, etc
