1 SENDMAIL RELEASE NOTES
| 1 SENDMAIL RELEASE NOTES
|
2 $Id: RELEASE_NOTES,v 8.1765 2006/03/08 02:15:03 ca Exp $
| 2 $Id: RELEASE_NOTES,v 8.1777.2.6 2006/06/05 22:32:41 ca Exp $
|
3 4 5This listing shows the version of the sendmail binary, the version 6of the sendmail configuration files, the date of release, and a 7summary of the changes in that release. 8
| 3 4 5This listing shows the version of the sendmail binary, the version 6of the sendmail configuration files, the date of release, and a 7summary of the changes in that release. 8
|
| 98.13.7/8.13.7 2006/06/14 10 A malformed MIME structure with many parts can cause sendmail to 11 crash while trying to send a mail due to a stack overflow, 12 e.g., if the stack size is limited (ulimit -s). This 13 happens because the recursion of the function mime8to7() 14 was not restricted. The function is called for MIME 8 to 15 7 bit conversion and also to enforce MaxMimeHeaderLength. 16 To work around this problem, recursive calls are limited to 17 a depth of MAXMIMENESTING (20); message content after this 18 limit is treated as opaque and is not checked further. 19 Problem noted by Frank Sheiness. 20 The changes to the I/O layer in 8.13.6 caused a regression for 21 SASL mechanisms that use the security layer, e.g., 22 DIGEST-MD5. Problem noted by Robert Stampfli. 23 If a timeout occurs while reading a message (during the DATA phase) 24 a df file might have been left behind in the queue. 25 This was another side effect of the changes to the I/O 26 layer made in 8.13.6. 27 Several minor problems have been fixed that were found by a 28 Coverity scan of sendmail 8 as part of the NetBSD 29 distribution. See http://scan.coverity.com/ 30 Note: the scan generated also a lot of "false positives", 31 e.g., "error" reports about situations that cannot happen. 32 Most of those code places are marked with lint(1) comments 33 like NOTREACHED, but Coverity does not understand those. 34 Hence an explicit assertion has been added in some cases 35 to avoid those false positives. 36 If the start of the sendmail daemon fails due to a configuration 37 error then in some cases shared memory segments or pid 38 files were not removed. 39 If DSN support is disabled via access_db, then related ESMTP 40 parameters for MAIL and RCPT should be rejected. Problem 41 reported by Akihiro Sagawa. 42 Enabling zlib compression in OpenSSL 0.9.8[ab] breaks the padding 43 bug work-around. Hence if sendmail is linked against 44 either of these versions and compression is available, 45 the padding bug work-around is turned off. Based on 46 patch from Victor Duchovni of Morgan Stanley. 47 CONFIG: FEATURE(`dnsbl') and FEATURE(`enhdnsbl') used 48 blackholes.mail-abuse.org as default domain for lookups, 49 however, that list is no longer available. To avoid 50 further problems, no default value is available anymore, 51 but an argument must be specified. 52 Portability: 53 Fix compilation on OSF/1 for sfsasl.c. Patch from 54 Pieter Bowman of the University of Utah. 55
|
98.13.6/8.13.6 2006/03/22 10 SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server 11 and client side of sendmail with timeouts in the libsm I/O 12 layer and fix problems in that code. Also fix handling of 13 a buffer in sm_syslog() which could have been used as an 14 attack vector to exploit the unsafe handling of 15 setjmp(3)/longjmp(3) in combination with signals. 16 Problem detected by Mark Dowd of ISS X-Force.
--- 9841 unchanged lines hidden --- | 568.13.6/8.13.6 2006/03/22 57 SECURITY: Replace unsafe use of setjmp(3)/longjmp(3) in the server 58 and client side of sendmail with timeouts in the libsm I/O 59 layer and fix problems in that code. Also fix handling of 60 a buffer in sm_syslog() which could have been used as an 61 attack vector to exploit the unsafe handling of 62 setjmp(3)/longjmp(3) in combination with signals. 63 Problem detected by Mark Dowd of ISS X-Force.
--- 9841 unchanged lines hidden --- |