Subject: CVS commit: pkgsrc/mail/sendmail
From: Adrian Portelli
Date: 2006-05-13 00:23:09
Message id: 20060512222309.3F7782DA27@cvs.netbsd.org

Log Message:
Update to sendmail 8.13.6
> 8.13.6/8.13.6	2006/03/22
> 	SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server
> 		and client side of sendmail with timeouts in the libsm I/O
> 		layer and fix problems in that code.  Also fix handling of
> 		a buffer in sm_syslog() which could have been used as an
> 		attack vector to exploit the unsafe handling of
> 		setjmp(3)/longjmp(3) in combination with signals.
> 		Problem detected by Mark Dowd of ISS X-Force.
> 	Handle theoretical integer overflows that could be triggered if
> 		the server accepted headers larger than the maximum
> 		(signed) integer value.  This is prevented in the default
> 		configuration by restricting the size of a header, and on
> 		most machines memory allocations would fail before reaching
> 		those values.  Problems found by Phil Brass of ISS.
> 	If a server returns 421 for an RSET command when trying to start
> 		another transaction in a session while sending mail, do
> 		not trigger an internal consistency check.  Problem found
> 		by Allan E Johannesen of Worcester Polytechnic Institute.
> 	If a server returns a 5xy error code (other than 501) in response
> 		to a STARTTLS command despite the fact that it advertised
> 		STARTTLS and that the code is not valid according to RFC
> 		2487 treat it nevertheless as a permanent failure instead
> 		of a protocol error (which has been changed to a
> 		temporary error in 8.13.5).  Problem reported by Jeff
> 		A. Earickson of Colby College.
> 	Clear SMTP state after a HELO/EHLO command.  Patch from John
> 		Myers of Proofpoint.
> 	Observe MinQueueAge option when gathering entries from the queue
> 		for sorting etc instead of waiting until the entries are
> 		processed.  Patch from Brian Fundakowski Feldman.
> 	Set up TLS session cache to properly handle clients that try to
> 		resume a stored TLS session.
> 	Properly count the number of (direct) child processes such that
> 		a configured value (MaxDaemonChildren) is not exceeded.
> 		Based on patch from Attila Bruncsak.
> 	LIBMILTER: Remove superfluous backslash in macro definition
> 		(libmilter.h).  Based on patch from Mike Kupfer of
> 		Sun Microsystems.
> 	LIBMILTER: Don't try to set SO_REUSEADDR on UNIX domain sockets.
> 		This generates an error message from libmilter on
> 		Solaris, though other systems appear to just discard the
> 		request silently.
> 	LIBMILTER: Deal with sigwait(2) implementations that return
> 		-1 and set errno instead of returning an error code
> 		directly.  Patch from Chris Adams of HiWAAY Informations
> 		Services.
> 	Portability:
> 		Fix compilation checks for closefrom(3) and statvfs(2)
> 		in NetBSD.  Problem noted by S. Moonesamy, patch from
> 		Andrew Brown.

Files:
Revision  Action  File
1.87      modify  pkgsrc/mail/sendmail/Makefile
1.34      modify  pkgsrc/mail/sendmail/Makefile.common
1.28      modify  pkgsrc/mail/sendmail/distinfo
1.12      modify  pkgsrc/mail/sendmail/patches/patch-ag
1.4       remove  pkgsrc/mail/sendmail/patches/patch-ai
1.1       remove  pkgsrc/mail/sendmail/patches/patch-aj
1.1       remove  pkgsrc/mail/sendmail/patches/patch-ak
1.1       remove  pkgsrc/mail/sendmail/patches/patch-al