pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

PR/33821 CVS commit: [pkgsrc-2006Q2] pkgsrc/mail/sendmail



The following reply was made to PR pkg/33821; it has been noted by GNATS.

From: Geert Hendrickx <ghen%netbsd.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: PR/33821 CVS commit: [pkgsrc-2006Q2] pkgsrc/mail/sendmail
Date: Tue, 29 Aug 2006 06:53:23 +0000 (UTC)

 Module Name:   pkgsrc
 Committed By:  ghen
 Date:          Tue Aug 29 06:53:23 UTC 2006
 
 Modified Files:
        pkgsrc/mail/sendmail [pkgsrc-2006Q2]: Makefile Makefile.common distinfo
        pkgsrc/mail/sendmail/patches [pkgsrc-2006Q2]: patch-aj
 Removed Files:
        pkgsrc/mail/sendmail/patches [pkgsrc-2006Q2]: patch-ak patch-al
            patch-am
 
 Log Message:
 Pullup ticket 1812 - requested by tv
 security/bugfix update for sendmail
 
 Revisions pulled up:
 - pkgsrc/mail/sendmail/Makefile                                1.91
 - pkgsrc/mail/sendmail/Makefile.common                 1.37-1.38
 - pkgsrc/mail/sendmail/distinfo                                1.31-1.32
 - pkgsrc/mail/sendmail/patches/patch-aj                        1.4
 - pkgsrc/mail/sendmail/patches/patch-ak                        removed
 - pkgsrc/mail/sendmail/patches/patch-al                        removed
 - pkgsrc/mail/sendmail/patches/patch-am                        removed
 
    Module Name:        pkgsrc
    Committed By:       tv
    Date:               Fri Jul  7 18:06:28 UTC 2006
 
    Modified Files:
        pkgsrc/mail/sendmail: Makefile Makefile.common distinfo
        pkgsrc/mail/sendmail/patches: patch-aj
    Removed Files:
        pkgsrc/mail/sendmail/patches: patch-ak patch-al patch-am
 
    Log Message:
    Update to 8.13.7; changelog below.  (8.13.6nb3 already had the security
    fixes by patch.)
 
    While here, fix PR pkg/33821 by substituting pkgsrc's BINOWN, BINGRP, and
    INSTALL definitions into the installed share/sendmail/cf/Makefile.
 
    8.13.7/8.13.7       2006/06/14
        A malformed MIME structure with many parts can cause sendmail to
                crash while trying to send a mail due to a stack overflow,
                e.g., if the stack size is limited (ulimit -s).  This
                happens because the recursion of the function mime8to7()
                was not restricted.  The function is called for MIME 8 to
                7 bit conversion and also to enforce MaxMimeHeaderLength.
                To work around this problem, recursive calls are limited to
                a depth of MAXMIMENESTING (20); message content after this
                limit is treated as opaque and is not checked further.
                Problem noted by Frank Sheiness.
        The changes to the I/O layer in 8.13.6 caused a regression for
                SASL mechanisms that use the security layer, e.g.,
                DIGEST-MD5.  Problem noted by Robert Stampfli.
        If a timeout occurs while reading a message (during the DATA phase)
                a df file might have been left behind in the queue.
                This was another side effect of the changes to the I/O
                layer made in 8.13.6.
        Several minor problems have been fixed that were found by a
                Coverity scan of sendmail 8 as part of the NetBSD
                distribution. See http://scan.coverity.com/
                Note: the scan generated also a lot of "false positives",
                e.g., "error" reports about situations that cannot happen.
                Most of those code places are marked with lint(1) comments
                like NOTREACHED, but Coverity does not understand those.
                Hence an explicit assertion has been added in some cases
                to avoid those false positives.
        If the start of the sendmail daemon fails due to a configuration
                error then in some cases shared memory segments or pid
                files were not removed.
        If DSN support is disabled via access_db, then related ESMTP
                parameters for MAIL and RCPT should be rejected.  Problem
                reported by Akihiro Sagawa.
        Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding
                bug work-around.  Hence if sendmail is linked against
                either of these versions and compression is available,
                the padding bug work-around is turned off.  Based on
                patch from Victor Duchovni of Morgan Stanley.
        CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used
                blackholes.mail-abuse.org as default domain for lookups,
                however, that list is no longer available.  To avoid
                further problems, no default value is available anymore,
                but an argument must be specified.
        Portability:
                Fix compilation on OSF/1 for sfsasl.c.  Patch from
                Pieter Bowman of the University of Utah.
 ---
    Module Name:        pkgsrc
    Committed By:       tv
    Date:               Wed Aug  9 21:23:00 UTC 2006
 
    Modified Files:
        pkgsrc/mail/sendmail: Makefile.common distinfo
 
    Log Message:
    Update to 8.13.8.  Changes:
 
    8.13.8/8.13.8   2006/08/09
         Fix a regression in 8.13.7: if shared memory is activated, then
                 the server can erroneously report that there is
                 insufficient disk space.  Additionally make sure that
                 an internal variable is set properly to avoid those
                 misleading errors.  Based on patch from Steve Hubert
                 of University of Washington.
         Fix a regression in 8.13.7: the PidFile could be removed after
                 the process that forks the daemon exited, i.e., if
                 sendmail -bd is invoked.  Problem reported by Kan Sasaki
                 of Fusion Communications Corp. and Werner Wiethege.
         Avoid opening qf files if QueueSortOrder is "none".  Patch from
                 David F. Skoll.
         Avoid a crash when finishing due to referencing a freed variable.
                 Problem reported and diagnosed by Moritz Jodeit.
         CONTRIB: cidrexpand now deals with /0 by issuing the entire IPv4
                 range (0..255).
         LIBMILTER: The "hostname" argument of the xxfi_connect() callback
                 previously was the equivalent of {client_ptr}.  However,
                 this did not match the documentation of the function, hence
                 it has been changed to {client_name}.  See doc/op/op.*
                 about these macros.
 
 
 To generate a diff of this commit:
 cvs rdiff -r1.90 -r1.90.2.1 pkgsrc/mail/sendmail/Makefile
 cvs rdiff -r1.36 -r1.36.2.1 pkgsrc/mail/sendmail/Makefile.common
 cvs rdiff -r1.30 -r1.30.2.1 pkgsrc/mail/sendmail/distinfo
 cvs rdiff -r1.3 -r1.3.2.1 pkgsrc/mail/sendmail/patches/patch-aj
 cvs rdiff -r1.3 -r0 pkgsrc/mail/sendmail/patches/patch-ak \
     pkgsrc/mail/sendmail/patches/patch-al
 cvs rdiff -r1.1 -r0 pkgsrc/mail/sendmail/patches/patch-am
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
 



Home | Main Index | Thread Index | Old Index