SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sendmail-8.15.2-261.5.x86_64.rpm :

* Fri Jan 04 2019 Dr. Werner Fink - Remove alias to mail-transfer-agent.target (boo#1116675)
* Fri Jul 27 2018 jengelhAATTinai.de- Replace exec rm by delete/print.
* Mon Jul 16 2018 wernerAATTsuse.de- Remove left over from last patch- Group daemon is required
* Tue Dec 05 2017 bwiedemannAATTsuse.com- Add sendmail-8.15.2-reproducible.patch to make package build reproducible
* Wed Nov 29 2017 wernerAATTsuse.de- Add _FFR_TLS_EC m4 macro definition for site configuration as well (boo#1070065)
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017 wernerAATTsuse.de- Apply former patches only if openssl 1.1.0+ are installed
* Wed Nov 08 2017 vcizekAATTsuse.com- support build with openssl 1.1 (bsc#1067222)
* add patches from Fedora: sendmail-8.15.2-openssl-1.1.0-fix.patch sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch (rh#1473971)
* Thu Aug 17 2017 kukukAATTsuse.de- Add libnsl-devel build requires for glibc obsoleting libnsl
* Wed Jul 19 2017 wernerAATTsuse.de- Change requirements for libmilter and sendmail-devel as the library is also used by other MTA like postfix (boo#1049188)
* Thu May 11 2017 wernerAATTsuse.de- Require user and group mail
* Wed Apr 12 2017 wernerAATTsuse.de- Add bitdomain and uudomain to possible targets for refresh
* Wed Apr 12 2017 wernerAATTsuse.de- Change spec file name scheme used for getting soname down into libmilter
* Tue Apr 11 2017 jengelhAATTinai.de- Replace a find|xargs rm by -delete
* Thu Mar 23 2017 wernerAATTsuse.de- New package libmilter1_0 for the shared library version of libmilter, the Sendmail Content Management API- Also new package libmilter-doc for the substantial documentation about Sendmail Content Management API (milter)- Make sendmail-tls a noarch package
* Mon Mar 06 2017 wernerAATTsuse.de- Require m4 at build time
* Mon Feb 20 2017 kukukAATTsuse.de- Don\'t use insserv together with systemd
* Mon Sep 26 2016 wernerAATTsuse.de- Use _unitdir macro instead asking pkg config of systemd
* Tue Jul 19 2016 dimstarAATTopensuse.org- Fix License: Even https://spdx.org/licenses/Sendmail.html lists \"Sendmail\" as the valid identifier. Same as http://license.opensuse.org/ does. \"Sendmail License\" is in the column \"Full Name\". The License: tag requires the identifier.- Fix some more rpmlint warnings: + sendmail: W: suse-missing-rclink sendmail: - Ship /usr/sbin/rcsendmail symlink to /usr/sbin/service + sendmail: W: suse-missing-rclink sendmail-client - Ship /usr/sbin/rcsendmail-client symlink to /usr/sbin/service + sendmail: W: suse-wrong-suse-capitalisation: - Rename README.SuSE to README.SUSE (fix spelling also inside the file). + sendmail: W: permissions-dir-without-slash - Fix permissions and permissions.paranoid inside sendmail-suse.tar.bz2. + sendmail: W: systemd-service-without-service_del_postun: - Add corresponding macros to postun script when not building with sysvinit support. + sendmail: W: systemd-service-without-service_add_pre: - Add corresponding macros to pre script when not building with sysvinit support.
* Thu Jun 16 2016 tchvatalAATTsuse.com- Drop unused patch:
* sendmail-8.14.7-warning.patch
* Thu Jun 16 2016 tchvatalAATTsuse.com- Split uucp to separate package, no technical reason for it to not stand on its own- Drop uucp related patches: + uucp-1.07-contrib.dif + uucp-1.07-cu.patch + uucp-1.07-grade.patch + uucp-1.07-lockdev.patch + uucp-1.07.dif + uucp-texinfo-5.0.patch + drop_ftime.patch
* Thu May 19 2016 wernerAATTsuse.de- Do not use http://license.opensuse.org/ as reference for the Sendmail license even if stated by rpmlint but https://spdx.org/licenses/Sendmail.html
* Thu Apr 14 2016 wernerAATTsuse.de- Avoid warning from chkstat due slash on directory path as last character
* Thu Apr 14 2016 wernerAATTsuse.de- Update to sendmail 8.15.2 (boo#975416)
* If FEATURE(`nopercenthack\') is used then some bogus input triggered a recursion which was caught and logged as SYSERR: rewrite: excessive recursion (max 50) ... Fix based on patch from Ondrej Holas.
* DHParameters now by default uses an included 2048 bit prime. The value \'none\' previously caused a log entry claiming there was an error \"cannot read or set DH parameters\". Also note that this option applies to the server side only.
* The U= mailer field didn\'t accept group names containing hyphens, underbars, or periods. Based on patch from David Gwynne of the University of Queensland.
* CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again. Patch from Lars-Johan Liman of Netnod Internet Exchange.
* CONFIG: New option UseCompressedIPv6Addresses to select between compressed and uncompressed IPv6 addresses. The default value depends on the compile-time option IPV6_FULL: For 1 the default is False, for 0 it is True, thus preserving the current behaviour. Based on patch from John Beck of Oracle.
* CONFIG: Account for IPv6 localhost addresses in FEATURE(`block_bad_helo\'). Suggested by Andrey Chernov from FreeBSD and Robert Scheck from the Fedora Project.
* CONFIG: Account for IPv6 localhost addresses in check_mail ruleset.
* LIBMILTER: Deal with more invalid protocol data to avoid potential crashes. Problem noted by Dimitri Kirchner.
* LIBMILTER: Allow a milter to specify an empty macro list (\"\", not NULL) in smfi_setsymlist() so no macro is sent for the selected stage.
* MAKEMAP: A change to check TrustedUser in fewer cases which was made in 2013 caused a potential regression when makemap was run as root (which should not be done anyway).
* SECURITY: Properly set the close-on-exec flag for file descriptors (except stdin, stdout, and stderr) before executing mailers.
* If header rewriting fails due to a temporary map lookup failure, queue the mail for later retry instead of sending it without rewriting the header. Note: this is done while the mail is being sent and hence the transaction is aborted, which only works for SMTP/LMTP mailers hence the handling of temporary map failures is suppressed for other mailers. SMTP/LMTP servers may complain about aborted transactions when this problem occurs. See also \"DNS Lookups\" in sendmail/TUNING.
* Incompatible Change: Use uncompressed IPv6 addresses by default, i.e., they will not contain \"::\". For example, instead of ::1 it will be 0:0:0:0:0:0:0:1. This permits a zero subnet to have a more specific match, such as different map entries for IPv6:0:0 vs IPv6:0. This change requires that configuration data (including maps, files, classes, custom ruleset, etc) must use the same format, so make certain such configuration data is updated before using 8.15. As a very simple check search for patterns like \'IPv6:[0-9a-fA-F:]
*::\' and \'IPv6::\'. If necessary, the prior format can be retained by compiling with: APPENDDEF(`conf_sendmail_ENVDEF\', `-DIPV6_FULL=0\') in your devtools/Site/site.config.m4 file.
* If a connection to the MTA is dropped by the client before its hostname can be validated, treat it as \"may be forged\", so that the unvalidated hostname is not passed to a milter in xxfi_connect().
* Add a timeout for communication with socket map servers which can be specified using the -d option.
* Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow numeric logins even if HESIOD is enabled. - sendmail 8.15.1
* The new option CertFingerprintAlgorithm specifies the finger- print algorithm (digest) to use for the presented cert. If the option is not set, md5 is used and the macro {cert_md5} contains the cert fingerprint. However, if the option is set, the specified algorithm (e.g., sha1) is used and the macro {cert_fp} contains the cert fingerprint. That is, as long as the option is not set, the behaviour does not change, but otherwise, {cert_md5} is superseded by {cert_fp} even if you set CertFingerprintAlgorithm to md5.
* The options ServerSSLOptions and ClientSSLOptions can be used to set SSL options for the server and client side respectively. See SSL_CTX_set_options(3) for a list. Note: this change turns on SSL_OP_NO_SSLv2 and SSL_OP_NO_TICKET for the client. See doc/op/op.me for details.
* The option CipherList sets the list of ciphers for STARTTLS. See ciphers(1) for possible values.
* Do not log \"STARTTLS: internal error: tls_verify_cb: ssl == NULL\" if a CRLFfile is in use (and LogLevel is 14 or higher.)
* Store a more specific TLS protocol version in ${tls_version} instead of a generic one, e.g., TLSv1 instead of TLSv1/SSLv3.
* Properly set {client_port} value on little endian machines. Patch from Kelsey Cummings of Sonic.net.
* Per RFC 3848, indicate in the Received: header whether SSL or SMTP AUTH was negotiated by setting the protocol clause to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP.
* If the \'C\' flag is listed as TLSSrvOptions the requirement for the TLS server to have a cert is removed. This only works under very specific circumstances and should only be used if the consequences are understood, e.g., clients may not work with a server using this.
* The options ClientCertFile, ClientKeyFile, ServerCertFile, and ServerKeyFile can take a second file name, which must be separated from the first with a comma (note: do not use any spaces) to set up a second cert/key pair. This can be used to have certs of different types, e.g., RSA and DSA.
* A new map type \"arpa\" is available to reverse an IP (IPv4 or IPv6) address. It returns the string for the PTR lookup, but without trailing {ip6,in-addr}.arpa.
* New operation mode \'C\' just checks the configuration file, e.g., sendmail -C new.cf -bC will perform a basic syntax/consistency check of new.cf.
* The mailer flag \'I\' is deprecated and will be removed in a future version.
* Allow local (not just TCP) socket connections to the server, e.g., O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock can be used.
* If the new option MaxQueueAge is set to a value greater than zero, entries in the queue will be retried during a queue run only if the individual retry time has been reached which is doubled for each attempt. The maximum retry time is limited by the specified value.
* New DontBlameSendmail option GroupReadableDefaultAuthInfoFile to relax requirement for DefaultAuthInfo file.
* Reset timeout after receiving a message to appropriate value if STARTTLS is in use. Based on patch by Kelsey Cummings of Sonic.net.
* Report correct error messages from the LDAP library for a range of small negative return values covering those used by OpenLDAP.
* Fix compilation with Berkeley DB 5.0 and 6.0. Patch from Allan E Johannesen of Worcester Polytechnic Institute.
* CONFIG: FEATURE(`nopercenthack\') takes one parameter: reject or nospecial which describes whether to disallow \"%\" in the local part of an address.
* DEVTOOLS: Fix regression in auto-detection of libraries when only shared libraries are available. Problem reported by Bryan Costales.
* LIBMILTER: Mark communication socket as close-on-exec in case a user\'s filter starts other applications. Based on patch from Paul Howarth.- Modified patches sendmail-8.14.9.dif becomes sendmail-8.15.2.dif sendmail-8.14.7-select.dif sendmail-8.14.8-m4header.patch sendmail-fd-passing-libmilter.patch Removed patches sendmail-db6.diff sendmail-8.14.7-warning.patch
* Tue Dec 01 2015 wernerAATTsuse.de- Do not enforce dependencies like for amavis and saslauthd
  
ICM