diff options
author | tv <tv@pkgsrc.org> | 2006-03-22 21:19:06 +0000 |
---|---|---|
committer | tv <tv@pkgsrc.org> | 2006-03-22 21:19:06 +0000 |
commit | 0ce2b03348579406a88687773ca27e81f19be6b3 (patch) | |
tree | d7b3690a614b9eae95edb04373d86e39fbc56268 /mail/sendmail812 | |
parent | 91009ff1cfa580199a1596a7245a5dcf8c571a01 (diff) | |
download | pkgsrc-0ce2b03348579406a88687773ca27e81f19be6b3.tar.gz |
Update sendmail (with vendor patch) to address the current security issue:
http://www.kb.cert.org/vuls/id/834865
Bump to nb2.
This will change the internal version of sendmail to 8.12.11.20060308.
> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
Diffstat (limited to 'mail/sendmail812')
-rw-r--r-- | mail/sendmail812/Makefile | 4 | ||||
-rw-r--r-- | mail/sendmail812/Makefile.common | 5 | ||||
-rw-r--r-- | mail/sendmail812/distinfo | 5 |
3 files changed, 10 insertions, 4 deletions
diff --git a/mail/sendmail812/Makefile b/mail/sendmail812/Makefile index 189f5aadf97..2849997eb0a 100644 --- a/mail/sendmail812/Makefile +++ b/mail/sendmail812/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.7 2005/12/29 06:21:53 jlam Exp $ +# $NetBSD: Makefile,v 1.8 2006/03/22 21:19:06 tv Exp $ .include "options.mk" .include "../../mail/sendmail812/Makefile.common" PKGNAME= sendmail-${DIST_VERS} -PKGREVISION= 1 +PKGREVISION= 2 COMMENT= The well known Mail Transport Agent CONFLICTS+= postfix-[0-9]* fastforward>=0.51nb2 diff --git a/mail/sendmail812/Makefile.common b/mail/sendmail812/Makefile.common index df353e8a484..cfe1e718ca6 100644 --- a/mail/sendmail812/Makefile.common +++ b/mail/sendmail812/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.9 2005/12/05 20:50:35 rillig Exp $ +# $NetBSD: Makefile.common,v 1.10 2006/03/22 21:19:06 tv Exp $ # # Makefile fragment shared with libmilter # @@ -9,6 +9,9 @@ MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/ \ ftp://ftp.fu-berlin.de/pub/unix/mail/sendmail/ \ ftp://ftp.kyoto.wide.ad.jp/pub/mail/sendmail/ +PATCH_SITES= ${MASTER_SITES} +PATCHFILES= 8.12.11.p0 + MAINTAINER= adrianp@NetBSD.org HOMEPAGE= http://www.sendmail.org/ diff --git a/mail/sendmail812/distinfo b/mail/sendmail812/distinfo index 5317650c6e4..6a1b3530cb5 100644 --- a/mail/sendmail812/distinfo +++ b/mail/sendmail812/distinfo @@ -1,8 +1,11 @@ -$NetBSD: distinfo,v 1.3 2005/09/08 22:32:39 abs Exp $ +$NetBSD: distinfo,v 1.4 2006/03/22 21:19:06 tv Exp $ SHA1 (sendmail.8.12.11.tar.gz) = ce1ba0e50740c548f8555f1a905d8514e6637f95 RMD160 (sendmail.8.12.11.tar.gz) = a80ceccbe3425ea01ce6cb89f2226f83b3562b64 Size (sendmail.8.12.11.tar.gz) = 1899112 bytes +SHA1 (8.12.11.p0) = aeef47bf434c13d91ba1c1e777cf81a2ba283290 +RMD160 (8.12.11.p0) = 267afdf9abc4636d0750bddf3b7bd16fe9b2fd5b +Size (8.12.11.p0) = 71804 bytes SHA1 (patch-aa) = cf9a68f5e6d6fd6e13a806a7d1e6ebab18fc9c6f SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27 |