kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/mail/sendmail
History
adrianp f952f726e1 Update to sendmail 8.13.6 
> 8.13.6/8.13.6	2006/03/22
> 	SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> 		and client side of sendmail with timeouts in the libsm I/O
> 		layer and fix problems in that code.  Also fix handling of
> 		a buffer in sm_syslog() which could have been used as an
> 		attack vector to exploit the unsafe handling of
> 		setjmp(3)/longjmp(3) in combination with signals.
> 		Problem detected by Mark Dowd of ISS X-Force.
> 	Handle theoretical integer overflows that could triggered if
> 		the server accepted headers larger than the maximum
> 		(signed) integer value.  This is prevented in the default
> 		configuration by restricting the size of a header, and on
> 		most machines memory allocations would fail before reaching
> 		those values.  Problems found by Phil Brass of ISS.
> 	If a server returns 421 for an RSET command when trying to start
> 		another transaction in a session while sending mail, do
> 		not trigger an internal consistency check.  Problem found
> 		by Allan E Johannesen of Worcester Polytechnic Institute.
> 	If a server returns a 5xy error code (other than 501) in response
> 		to a STARTTLS command despite the fact that it advertised
> 		STARTTLS and that the code is not valid according to RFC
> 		2487 treat it nevertheless as a permanent failure instead
> 		of a protocol error (which has been changed to a
> 		temporary error in 8.13.5).  Problem reported by Jeff
> 		A. Earickson of Colby College.
> 	Clear SMTP state after a HELO/EHLO command.  Patch from John
> 		Myers of Proofpoint.
> 	Observe MinQueueAge option when gathering entries from the queue
> 		for sorting etc instead of waiting until the entries are
> 		processed.  Patch from Brian Fundakowski Feldman.
> 	Set up TLS session cache to properly handle clients that try to
> 		resume a stored TLS session.
> 	Properly count the number of (direct) child processes such that
> 		a configured value (MaxDaemonChildren) is not exceeded.
> 		Based on patch from Attila Bruncsak.
> 	LIBMILTER: Remove superfluous backslash in macro definition
> 		(libmilter.h).  Based on patch from Mike Kupfer of
> 		Sun Microsystems.
> 	LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets.
> 		This generates an error message from libmilter on
> 		Solaris, though other systems appear to just discard the
> 		request silently.
> 	LIBMILTER: Deal with sigwait(2) implementations that return
> 		-1 and set errno instead of returning an error code
> 		directly.  Patch from Chris Adams of HiWAAY Informations
> 		Services.
> 	Portability:
> 		Fix compilation checks for closefrom(3) and statvfs(2)
> 		in NetBSD.  Problem noted by S. Moonesamy, patch from
> 		Andrew Brown.
2006-05-12 22:23:09 +00:00
..
files - Fix builds with SASLv2 following removal of SASLv1 support 2005-04-01 18:42:08 +00:00
patches Update to sendmail 8.13.6 2006-05-12 22:23:09 +00:00
DESCR
distinfo Update to sendmail 8.13.6 2006-05-12 22:23:09 +00:00
Makefile Update to sendmail 8.13.6 2006-05-12 22:23:09 +00:00
Makefile.common Update to sendmail 8.13.6 2006-05-12 22:23:09 +00:00
MESSAGE - Update sendmail to 8.13.3 2005-02-10 22:17:24 +00:00
options.mk Update path from cyrus-sasl2 to cyrus-sasl. 2006-04-13 21:45:12 +00:00
PLIST Update sendmail to 8.13.5 2005-10-14 08:36:02 +00:00
PLIST.socketmap