diff options
author | seb <seb> | 2003-03-29 19:55:56 +0000 |
---|---|---|
committer | seb <seb> | 2003-03-29 19:55:56 +0000 |
commit | 9dfabacad4f5a54dd444e15a156c00f981adc837 (patch) | |
tree | 4918303c2ed0c4c3d83dccc82bdc56e118e1a04f /mail/sendmail | |
parent | 8656a6b28d8afabb224f402210ac8f9e4a92dab2 (diff) | |
download | pkgsrc-9dfabacad4f5a54dd444e15a156c00f981adc837.tar.gz |
Update to version 8.12.9.
This is mostly a security fix release.
See the list of changes since 8.12.8 below.
Package change: always put M4 in MAKE_ENV so we are sure of the one used.
Note: this also update mail/libmilter the same version.
8.12.9/8.12.9 2003/03/29
SECURITY: Fix a buffer overflow in address parsing due to
a char to int conversion problem which is potentially
remotely exploitable. Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to
data that it receives from untrusted sources, which
includes DNS.
To provide partial protection to internal, unpatched sendmail MTAs,
8.12.9 changes by default (char)0xff to (char)0x7f in
headers etc. To turn off this conversion compile with
-DALLOW_255 or use the command line option -d82.101.
To provide partial protection for internal, unpatched MTAs that may be
performing 7->8 or 8->7 bit MIME conversions, the default
for MaxMimeHeaderLength has been changed to 2048/1024.
Note: this does have a performance impact, and it only
protects against frontal attacks from the outside.
To disable the checks and return to pre-8.12.9 defaults,
set MaxMimeHeaderLength to 0/0.
Do not complain about -ba when submitting mail. Problem noted
by Derek Wueppelmann.
Fix compilation with Berkeley DB 1.85 on systems that do not
have flock(2). Problem noted by Andy Harper of Kings
College London.
Properly initialize data structure for dns maps to avoid various
errors, e.g., looping processes. Problem noted by
Maurice Makaay.
CONFIG: Prevent multiple application of rule to add smart host.
Patch from Andrzej Filip.
CONFIG: Fix queue group declaration in MAILER(`usenet').
CONTRIB: buildvirtuser: New option -t builds the virtusertable
text file instead of the database map.
Portability:
Revert wrong change made in 8.12.7 and actually use the
builtin getopt() version in sendmail on Linux.
This can be overridden by using -DSM_CONF_GETOPT=0
in which case the OS supplied version will be used.
Diffstat (limited to 'mail/sendmail')
-rw-r--r-- | mail/sendmail/Makefile.common | 7 | ||||
-rw-r--r-- | mail/sendmail/distinfo | 6 |
2 files changed, 7 insertions, 6 deletions
diff --git a/mail/sendmail/Makefile.common b/mail/sendmail/Makefile.common index 2c9f0fdcae7..57f85e2c240 100644 --- a/mail/sendmail/Makefile.common +++ b/mail/sendmail/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.5 2003/03/29 12:41:38 jmmv Exp $ +# $NetBSD: Makefile.common,v 1.6 2003/03/29 19:55:56 seb Exp $ # # Makefile fragment shared with libmilter # @@ -6,7 +6,6 @@ DISTNAME= sendmail.${DIST_VERS} WRKSRC= ${WRKDIR}/sendmail-${DIST_VERS} CATEGORIES= mail -PKGREVISION= 1 MASTER_SITES= ftp://ftp.sendmail.org/pub/sendmail/ \ ftp://ftp.fu-berlin.de/pub/unix/mail/sendmail/ \ ftp://ftp.kyoto.wide.ad.jp/pub/mail/sendmail/ @@ -20,7 +19,7 @@ DISTINFO_FILE?= ${.CURDIR}/../../mail/sendmail/distinfo FILESDIR?= ${.CURDIR}/../../mail/sendmail/files PATCHDIR?= ${.CURDIR}/../../mail/sendmail/patches -DIST_VERS= 8.12.8 +DIST_VERS= 8.12.9 MAKE_ENV+= BSD_BINOWN="${BINOWN}" BSD_BINGRP="${BINGRP}" \ BSD_MANOWN="${MANOWN}" BSD_MANGRP="${MANGRP}" \ @@ -48,6 +47,8 @@ _NEED_GNU_M4= YES BUILD_DEPENDS+= m4-*:../../devel/m4 EVAL_PREFIX+= M4_PREFIX=m4 MAKE_ENV+= M4=${M4_PREFIX}/bin/${GNU_PROGRAM_PREFIX}m4 +.else +MAKE_ENV+= M4=${M4} .endif make-sendmail-siteconfig: diff --git a/mail/sendmail/distinfo b/mail/sendmail/distinfo index f5a09e23c1d..5d057a3746f 100644 --- a/mail/sendmail/distinfo +++ b/mail/sendmail/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.10 2003/03/04 00:21:31 seb Exp $ +$NetBSD: distinfo,v 1.11 2003/03/29 19:55:56 seb Exp $ -SHA1 (sendmail.8.12.8.tar.gz) = 8fdec57e4c8b91298e5dc757a7b856b3e3f90fc8 -Size (sendmail.8.12.8.tar.gz) = 1881693 bytes +SHA1 (sendmail.8.12.9.tar.gz) = c53bb2ebe694a6f20e3d2f1dbfedc6be9409f37c +Size (sendmail.8.12.9.tar.gz) = 1886008 bytes SHA1 (patch-aa) = 8a4563ece8ba8cee01081d49e486393f26ee1484 SHA1 (patch-ab) = a2abf6e78772e257e2a1973e7730159ff24a91aa SHA1 (patch-ac) = 96c19300b4188dbcbd202768eea912f675dadc27 |