diff options
author | adrianp <adrianp> | 2006-03-22 19:56:36 +0000 |
---|---|---|
committer | adrianp <adrianp> | 2006-03-22 19:56:36 +0000 |
commit | 4f013f56b19e745193a57948ec9a7009027e9399 (patch) | |
tree | ba578df363c3fc962918bea9643045fabe9c5a14 | |
parent | 5c14c1e9888e81a7198c4dbfbad6cdd8a72c11ca (diff) | |
download | pkgsrc-4f013f56b19e745193a57948ec9a7009027e9399.tar.gz |
Update sendmail to address the current security issue
Bump to nb2
This will change the internal version of sendmail to 8.13.5.20060308
> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
-rw-r--r-- | mail/sendmail/Makefile | 4 | ||||
-rw-r--r-- | mail/sendmail/Makefile.common | 5 | ||||
-rw-r--r-- | mail/sendmail/distinfo | 5 |
3 files changed, 10 insertions, 4 deletions
diff --git a/mail/sendmail/Makefile b/mail/sendmail/Makefile index 2b7fb2dfd85..108a61e152b 100644 --- a/mail/sendmail/Makefile +++ b/mail/sendmail/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.83 2006/01/23 17:28:41 tv Exp $ +# $NetBSD: Makefile,v 1.84 2006/03/22 19:56:36 adrianp Exp $ .include "../../mail/sendmail/Makefile.common" PKGNAME= sendmail-${DIST_VERS} -PKGREVISION= 1 +PKGREVISION= 2 COMMENT= The well known Mail Transport Agent CONFLICTS+= postfix-[0-9]* fastforward>=0.51nb2 diff --git a/mail/sendmail/Makefile.common b/mail/sendmail/Makefile.common index 40248e94347..211957bbe72 100644 --- a/mail/sendmail/Makefile.common +++ b/mail/sendmail/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.31 2006/01/08 16:16:00 joerg Exp $ +# $NetBSD: Makefile.common,v 1.32 2006/03/22 19:56:36 adrianp Exp $ # # Makefile fragment shared with libmilter # @@ -9,6 +9,9 @@ MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/ \ ftp://ftp.fu-berlin.de/pub/unix/mail/sendmail/ \ ftp://ftp.ayamura.org/pub/sendmail/ +PATCH_SITES= ${MASTER_SITES} +PATCHFILES= 8.13.5.p0 + MAINTAINER= adrianp@NetBSD.org HOMEPAGE= http://www.sendmail.org/ diff --git a/mail/sendmail/distinfo b/mail/sendmail/distinfo index c36d52eef43..21e58f3d5d4 100644 --- a/mail/sendmail/distinfo +++ b/mail/sendmail/distinfo @@ -1,8 +1,11 @@ -$NetBSD: distinfo,v 1.26 2006/01/18 21:00:48 adrianp Exp $ +$NetBSD: distinfo,v 1.27 2006/03/22 19:56:36 adrianp Exp $ SHA1 (sendmail.8.13.5.tar.gz) = 3c6a6caf1deaf960b340b03128df63e4cd553cde RMD160 (sendmail.8.13.5.tar.gz) = 976af4c8c02adb7dd4a2610f905e91027c84d92d Size (sendmail.8.13.5.tar.gz) = 1978185 bytes +SHA1 (8.13.5.p0) = 34dfcf80717cb5c48687779ab96fda71e5d7771b +RMD160 (8.13.5.p0) = 639931160ecb4a0aec3279c3d22353982ecfcf38 +Size (8.13.5.p0) = 72693 bytes SHA1 (patch-aa) = b7ceece7760e3d637016da039f8429c1fb89f2cf SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27 |