author tv <tv> 2006-03-22 21:19:06 +0000
committer tv <tv> 2006-03-22 21:19:06 +0000
commit c8b538cd4c77e22e696fd53820a833d726c56cd5 (patch)
tree d7b3690a614b9eae95edb04373d86e39fbc56268 /net
parent 2d6f76185795d47a41f7540c46543c12ffe9010c (diff)
Update sendmail (with vendor patch) to address the current security issue:
http://www.kb.cert.org/vuls/id/834865

Bump to nb2. This will change the internal version of sendmail to
8.12.11.20060308.

> SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> and client side of sendmail with timeouts in the libsm I/O
> layer and fix problems in that code. Also fix handling of
> a buffer in sm_syslog() which could have been used as an
> attack vector to exploit the unsafe handling of
> setjmp(3)/longjmp(3) in combination with signals.
> Problem detected by Mark Dowd of ISS X-Force.
> Handle theoretical integer overflows that could be triggered if
> the server accepted headers larger than the maximum
> (signed) integer value. This is prevented in the default
> configuration by restricting the size of a header, and on
> most machines memory allocations would fail before reaching
> those values. Problems found by Phil Brass of ISS.
Diffstat (limited to 'net')
0 files changed, 0 insertions, 0 deletions
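
The release notes quoted in the commit message describe replacing setjmp(3)/longjmp(3)-based timeouts with timeouts in the I/O layer. The general pattern is sketched here as an added example; it is not sendmail's libsm code and not part of this commit, `now_ms`, `read_with_timeout` and `demo` are hypothetical names, and the pipe input is constructed:

```c
#define _POSIX_C_SOURCE 200809L   /* for clock_gettime() */
#include <errno.h>
#include <poll.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/* Milliseconds on the monotonic clock, unaffected by wall-clock changes. */
static long now_ms(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/* Read up to len bytes from fd, waiting at most timeout_ms in total.
 * Returns bytes read (0 on EOF) or -1 with errno set (ETIMEDOUT on expiry).
 * Expiry is an ordinary return: no handler longjmp()s out of half-done work. */
ssize_t read_with_timeout(int fd, void *buf, size_t len, int timeout_ms)
{
    long deadline = now_ms() + timeout_ms;
    for (;;) {
        long left = deadline - now_ms();
        if (left <= 0) { errno = ETIMEDOUT; return -1; }
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int rc = poll(&p, 1, (int)left);
        if (rc == 0) { errno = ETIMEDOUT; return -1; }
        if (rc < 0) {
            if (errno == EINTR) continue;  /* signal arrived: recompute, wait again */
            return -1;
        }
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR) continue;
        return n;
    }
}

/* Constructed demo: 1 if an idle pipe times out and a written pipe yields data. */
int demo(void)
{
    int fds[2];
    char buf[16];
    if (pipe(fds) != 0) return 0;
    int timed_out = read_with_timeout(fds[0], buf, sizeof buf, 50) == -1 && errno == ETIMEDOUT;
    if (write(fds[1], "EHLO", 4) != 4) return 0;
    int got = read_with_timeout(fds[0], buf, sizeof buf, 50) == 4 && memcmp(buf, "EHLO", 4) == 0;
    close(fds[0]); close(fds[1]);
    return timed_out && got;
}
```

Because a signal only makes `poll()` return `EINTR`, the caller's stack and any buffer it was filling stay consistent when the deadline passes.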