8.12.10/8.12.10 2003/09/24
SECURITY: Fix a buffer overflow in address parsing. Problem
detected by Michal Zalewski, patch from Todd C. Miller
of Courtesan Consulting.
Fix a potential buffer overflow in ruleset parsing. This problem
is not exploitable in the default sendmail configuration;
only if non-standard rulesets recipient (2), final (4), or
mailer-specific envelope recipients rulesets are used then
a problem may occur. Problem noted by Timo Sirainen.
Accept 0 (and 0/0) as valid input for set MaxMimeHeaderLength.
Problem noted by Thomas Schulz.
Add several checks to avoid (theoretical) buffer over/underflows.
Properly count message size when performing 7->8 or 8->7 bit MIME
conversions. Problem noted by Werner Wiethege.
Properly compute message priority based on size of entire message,
not just header. Problem noted by Axel Holscher.
Reset SevenBitInput to its configured value between SMTP
transactions for broken clients which do not properly
announce 8 bit data. Problem noted by Stefan Roehrich.
Set {addr_type} during queue runs when processing recipients.
Based on patch from Arne Jansen.
Better error handling in case of (very unlikely) queue-id conflicts.
Perform better error recovery for address parsing, e.g., when
encountering a comment that is too long. Problem noted by
Tanel Kokk, Union Bank of Estonia.
Add ':' to the allowed character list for bogus HELO/EHLO
checking. It is used for IPv6 domain literals. Patch from
Iwaizako Takahiro of FreeBit Co., Ltd.
Reset SASL connection context after a failed authentication attempt.
Based on patch from Rob Siemborski of CMU.
Check Berkeley DB compile time version against run time version
to make sure they match.
Do not attempt AAAA (IPv6) DNS lookups if IPv6 is not enabled
in the kernel.
When a milter adds recipients and one of them causes an error,
do not ignore the other recipients. Problem noted by
Bart Duchesne.
CONFIG: Use specified SMTP error code in mailertable entries which
lack a DSN, i.e., "error:### Text". Problem noted by
Craig Hunt.
CONFIG: Call Local_trust_auth with the correct argument. Patch
from Jerome Borsboom.
CONTRIB: Better handling of temporary filenames for doublebounce.pl
and expn.pl to avoid file overwrites, etc. Patches from
Richard A. Nelson of Debian and Paul Szabo.
MAIL.LOCAL: Fix obscure race condition that could lead to an
improper mailbox truncation if close() fails after the
mailbox is fsync()'ed and a new message is delivered
after the close() and before the truncate().
MAIL.LOCAL: If mail delivery fails, do not leave behind a
stale lockfile (which is ignored after the lock timeout).
Patch from Oleg Bulyzhin of Cronyx Plus LLC.
Portability:
Port for AIX 5.2. Thanks to Steve Hubert of University
of Washington for providing access to a computer
with AIX 5.2.
setreuid(2) works on OpenBSD 3.3. Patch from
Todd C. Miller of Courtesan Consulting.
Allow for custom definition of SMRSH_CMDDIR and SMRSH_PATH
on all operating systems. Patch from Robert Harker
of Harker Systems.
Use strerror(3) on Linux. If this causes a problem on
your Linux distribution, compile with
-DHASSTRERROR=0 and tell sendmail.org about it.
Added Files:
devtools/OS/AIX.5.2
update provided by Adrian Portelli in PR pkg/22836.
This module provides you with access to XML Streams. An XML Stream
is just that. A stream of XML over a connection between two computers.
Package imported from pkgsrc-wip.
This release contains the following major enhancements:
* Transactional backend
* Improved Unicode handling
* Improved DN handling
* Improved Referral handling
* SASL authentication/authorization mapping
* SASL in-directory storage of authentication secrets
* Enhanced administrative limits/access controls
* Meta backend (experimental)
* Monitor backend (experimental)
* Virtual "glue" backend (experimental)
* LDAP C++ API
* Updated LDAP C and TCL APIs
* LDAPv3 extensions, including:
- Enhanced Language Tag/Range Support
- 'Who am i?' Extended Operation
- 'Matched Values' Control
- 'NOOP' Control
plus lots of bug fixes.
Update (to 2.1.20) from Juan RP in PR pkg/21682 with some tidy up and
update to 2.1.22 by Marc Recht and me.
Also closes PR pkg/21217 by Jean-Luc Wasmer and PR pkg/20972 by Jeremy
Reed.
Changes:
* kiconedit: Fix 'Paste As New' action.
* kiconedit: make configuration dialog modal.
* kiconedit: icon preview area uses the background settings now.
* kiconedit: improve "image is modified" handling.
* kiconedit: improve mouse cursor pixmaps.
* kiconedit: fix loading/saving logic to be more robust.
* kiconedit: correctly display icons with an alpha channel.
* kamera: fix handling of PTP based cameras.
* kghostview: fix stopping of download indicator when download is
cancelled.
* kghostview: fix CTRL-M accelerator clash.
Changes:
* kpilot: Fix Bug 50560: address not synced correct with new address
information
* kpilot: Fix Bug 60659: Always using at least one of the addresses from
kaddressbook
* kpilot: Fix Bug 60691: KPilot vcal conduit changes day when syncing
repeating events
* kpilot: fix errors in build system.
Changes:
* kstars: Fix bug which essentially made all Southern Hemisphere locations
report that Daylight savings time was always active.
* kvoctrain: fix crash on inline editing.
* kstars: Implement altitude shift caused by atmospheric refraction.
Changes:
* kxconfig: add mouse wheels support to USB mice.
* kxconfig: fix solaris compile.
* ksysv: Fix Bug 49265: inactive hyperlinks in Help and About
Changes:
* kpf: Generate proper links in the HTML output for directories with spaces
and umlauts.
* knewsticker: Fix Bug 49114: KNewsticker news download still buggy?
* knewsticker: Fix Bug 52642: does not update an rdf feed when the new feed
has no entries
* knewsticker: Fix Bug 62129: Suggest button is not cancellable.
* knewsticker: Fix Bug 63224: knewsticker doesn't update news
* knewsticker: Fix Bug 63265: Ampersands in news source is shown as underline
* knewsticker: Filters now work properly with original (non-custom) newsfeed
names.
* knewsticker: Scrolltext now eats less CPU, scrolling speed slider influences
speed linearly.
* kmail: Fix crypto plugin loading.
* kmail: Fix decoding of subjected in embedded mime parts.
* kmail: Fix crash during configuring signatures.
* kmail: Fix portability issue in header field decoding.
* kmail: Fix bug that caused mailman to mangle headers.
* kmail: Fix mangling of multiline, quoted-printable encoded subject header.
* kmail: Roaming User Support.
* krfb: multihead fix.
* kget: Roaming User Support.
* knode: Roaming User Support.
Changes:
* resolve symlinks before opening a file [#60860]
* don't insert the "<meta http-equiv="Content-Type" content="text/html;
charset=..." line when using the Quick Start dialog [#61500]
* fix CTRL-C behavior [#62624]
* fix message window handling
* fix script action error output handling
* honour the "Do not load the modified version from disk." setting in the
dirty file dialog
Changes:
* kdialog: Fixed "--warningcontinuecancel".
* Konqueror: Don't crash when opening a directory in tab from the navigation
panel
* KDM: Fix weak cookie generation / local root
* smb:// slave: improve error handling.
* khotkeys: allow usage of global config file for site-wide configuration.
* kwin: fix mouse grabbing problem with _NET_WM_MOVERESIZE.
* krdb: improve exported colorscheme for Adobe acroread.
* fonts kcontrol: improve configure check to handle newer fontconfig releases
which use pkg-config.
* kwin: fix "left click into active window in background does not raise" bug
* KDM: implement parsing of display names that contain dashes.
* kicker: memory leak fixes.
* khotkeys: crash fix.
* konsole: ported grantpty to FreeBSD.
* ksmserver: support read-only home directory.
* Improve FreeBSD support in fish://.
* kdesktop: accept empty password if account has no password set.
* konqueror: ensure that we don't change the servicetype, in case the mimetype
is ambiguous.
* konqueror: Fix handling of wildcard file selection / unselection.
* konqueror: fix crash when trying to drag the location label.
* konqueror's listview: selected items don't get unselected anymore during
DnD operation
* thumbnail creator: fix filedescriptor leak.
* thumbnail creator: fix Postscript thumbnail rendering.
Changes:
* Allows compilation against Qt 3.2.x
* improvements to utf8-filename handling in KIO
* fix non-latin filenames in http form upload (#61721)
* ignoring X11 errors during startup to avoid startup notification to stop early
* Performance improvement to KGuiItem::plainText()
* kdesu: implement session management for kdesu-started applications.
* khtml: fix form widget sizing when code is compiled with gcc 3.4+.
* kio: fix bug that caused gzip-encoded webpages to fail rendering when
compiled with Qt 3.2.
* keramik widgets: fix merging mistake that caused drawing errors in comboboxes.
* keramik widgets: Fix pixmap caching keying, correcting odd artifacts with
some colorscheme changes.
* dcop: honor $DCOPAUTHORITY which allows to specify an alternative location
than $HOME for .DCOPserver_xxx
* kcookiejar: fix cookie handling cornercase
* kdeinit: support read-only home directories
* artsd: fix restart
* khtml: code fixes to avoid miscompilation of SunProCC under Solaris
* kate: fix offering of default encoding when saving a file.
* netwm: fix massive memory leak (showing up e.g. in kicker).
* kate: fix compilation under aCC.
* khtml: several crash fixes. Qt 3.2.x compatibility fixes. rendering
improvements.
* khtml: merging bug that caused the famous scrollbar problem fixed.
* klistview: massive performance improvement in alternative color background
handling
* khtml/java: improved handling of slightly malformed urls.
* kio: only cache successful passwords, otherwise it's impossible to re-enter
a password when it failed authorisation the first time.
* A crash bug when deleting currently opened folder has been fixed.
* The performance issue of the address book has been fixed.
* The behavior of manual signature insertion has been reverted.
* A crash bug on startup when a font can't be loaded has been fixed.
* The format of MIME boundary has been modified again.
* Other minor bugfixes have been made.
ok'ed by chris@
The project aims to provide an efficient extensible abstraction
for dealing with different spell checking libraries.
Enchant is meant to provide a generic interface into various existing
spell checking libraries. These include, but are not limited to:
* Aspell/Pspell
* Ispell
* Hspell
* Uspell
Enchant is also meant to be used in a cross-platform (XP) environment.
Part of this means that Enchant wants to limit its number of external
dependencies to 0, or as close as is humanly possible. Also, any
enchant consumer (i.e. a Word Processor) should not need to know
about what backend providers Enchant knows about. In fact, Enchant
shouldn't even need to know this information itself. To accomplish
this, all of Enchant's providers are DLLs.
Enchant is also meant to be used in a multi-user environment, such
as Unix. It is preferable to have both a $USER and a $GLOBAL
location for both provider DLLs and for dictionaries themselves,
when possible. Enchant's DLL location algorithm takes this into
account, and gives preference to the $USER DLLs, when found.