SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sendmail-8.15.2-lp150.260.1.x86_64.rpm :

* Fri Jan 04 2019 Dr. Werner Fink - Remove alias to mail-transfer-agent.target (boo#1116675)
* Fri Jul 27 2018 jengelhAATTinai.de- Replace exec rm by delete/print.
* Mon Jul 16 2018 wernerAATTsuse.de- Remove left over from last patch- Group daemon is required
* Tue Dec 05 2017 bwiedemannAATTsuse.com- Add sendmail-8.15.2-reproducible.patch to make package build reproducible
* Wed Nov 29 2017 wernerAATTsuse.de- Add _FFR_TLS_EC m4 macro definition for site configuration as well (boo#1070065)
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017 wernerAATTsuse.de- Apply former patches only if openssl 1.1.0+ are installed
* Wed Nov 08 2017 vcizekAATTsuse.com- support build with openssl 1.1 (bsc#1067222)
* add patches from Fedora: sendmail-8.15.2-openssl-1.1.0-fix.patch sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch (rh#1473971)
* Thu Aug 17 2017 kukukAATTsuse.de- Add libnsl-devel build requires for glibc obsoleting libnsl
* Wed Jul 19 2017 wernerAATTsuse.de- Change requirements for libmilter and sendmail-devel as the library is also used by other MTA like postfix (boo#1049188)
* Thu May 11 2017 wernerAATTsuse.de- Require user and group mail
* Wed Apr 12 2017 wernerAATTsuse.de- Add bitdomain and uudomain to possible targets for refresh
* Wed Apr 12 2017 wernerAATTsuse.de- Change spec file name scheme used for getting soname down into libmilter
* Tue Apr 11 2017 jengelhAATTinai.de- Replace a find|xargs rm by -delete
* Thu Mar 23 2017 wernerAATTsuse.de- New package libmilter1_0 for the shared library version of libmilter, the Sendmail Content Management API- Also new package libmilter-doc for the substantial documentation about Sendmail Content Management API (milter)- Make sendmail-tls a noarch package
* Mon Mar 06 2017 wernerAATTsuse.de- Require m4 at build time
* Mon Feb 20 2017 kukukAATTsuse.de- Don\'t use insserv together with systemd
* Mon Sep 26 2016 wernerAATTsuse.de- Use _unitdir macro instead asking pkg config of systemd
* Tue Jul 19 2016 dimstarAATTopensuse.org- Fix License: Even https://spdx.org/licenses/Sendmail.html lists \"Sendmail\" as the valid identifier. Same as http://license.opensuse.org/ does. \"Sendmail License\" is in the column \"Full Name\". The License: tag requires the identifier.- Fix some more rpmlint warnings: + sendmail: W: suse-missing-rclink sendmail: - Ship /usr/sbin/rcsendmail symlink to /usr/sbin/service + sendmail: W: suse-missing-rclink sendmail-client - Ship /usr/sbin/rcsendmail-client symlink to /usr/sbin/service + sendmail: W: suse-wrong-suse-capitalisation: - Rename README.SuSE to README.SUSE (fix spelling also inside the file). + sendmail: W: permissions-dir-without-slash - Fix permissions and permissions.paranoid inside sendmail-suse.tar.bz2. + sendmail: W: systemd-service-without-service_del_postun: - Add corresponding macros to postun script when not building with sysvinit support. + sendmail: W: systemd-service-without-service_add_pre: - Add corresponding macros to pre script when not building with sysvinit support.
* Thu Jun 16 2016 tchvatalAATTsuse.com- Drop unused patch:
* sendmail-8.14.7-warning.patch
* Thu Jun 16 2016 tchvatalAATTsuse.com- Split uucp to separate package, no technical reason for it to not stand on its own- Drop uucp related patches: + uucp-1.07-contrib.dif + uucp-1.07-cu.patch + uucp-1.07-grade.patch + uucp-1.07-lockdev.patch + uucp-1.07.dif + uucp-texinfo-5.0.patch + drop_ftime.patch
* Thu May 19 2016 wernerAATTsuse.de- Do not use http://license.opensuse.org/ as reference for the Sendmail license even if stated by rpmlint but https://spdx.org/licenses/Sendmail.html
* Thu Apr 14 2016 wernerAATTsuse.de- Avoid warning from chkstat due slash on directory path as last character
* Thu Apr 14 2016 wernerAATTsuse.de- Update to sendmail 8.15.2 (boo#975416)
* If FEATURE(`nopercenthack\') is used then some bogus input triggered a recursion which was caught and logged as SYSERR: rewrite: excessive recursion (max 50) ... Fix based on patch from Ondrej Holas.
* DHParameters now by default uses an included 2048 bit prime. The value \'none\' previously caused a log entry claiming there was an error \"cannot read or set DH parameters\". Also note that this option applies to the server side only.
* The U= mailer field didn\'t accept group names containing hyphens, underbars, or periods. Based on patch from David Gwynne of the University of Queensland.
* CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again. Patch from Lars-Johan Liman of Netnod Internet Exchange.
* CONFIG: New option UseCompressedIPv6Addresses to select between compressed and uncompressed IPv6 addresses. The default value depends on the compile-time option IPV6_FULL: For 1 the default is False, for 0 it is True, thus preserving the current behaviour. Based on patch from John Beck of Oracle.
* CONFIG: Account for IPv6 localhost addresses in FEATURE(`block_bad_helo\'). Suggested by Andrey Chernov from FreeBSD and Robert Scheck from the Fedora Project.
* CONFIG: Account for IPv6 localhost addresses in check_mail ruleset.
* LIBMILTER: Deal with more invalid protocol data to avoid potential crashes. Problem noted by Dimitri Kirchner.
* LIBMILTER: Allow a milter to specify an empty macro list (\"\", not NULL) in smfi_setsymlist() so no macro is sent for the selected stage.
* MAKEMAP: A change to check TrustedUser in fewer cases which was made in 2013 caused a potential regression when makemap was run as root (which should not be done anyway).
* SECURITY: Properly set the close-on-exec flag for file descriptors (except stdin, stdout, and stderr) before executing mailers.
* If header rewriting fails due to a temporary map lookup failure, queue the mail for later retry instead of sending it without rewriting the header. Note: this is done while the mail is being sent and hence the transaction is aborted, which only works for SMTP/LMTP mailers hence the handling of temporary map failures is suppressed for other mailers. SMTP/LMTP servers may complain about aborted transactions when this problem occurs. See also \"DNS Lookups\" in sendmail/TUNING.
* Incompatible Change: Use uncompressed IPv6 addresses by default, i.e., they will not contain \"::\". For example, instead of ::1 it will be 0:0:0:0:0:0:0:1. This permits a zero subnet to have a more specific match, such as different map entries for IPv6:0:0 vs IPv6:0. This change requires that configuration data (including maps, files, classes, custom ruleset, etc) must use the same format, so make certain such configuration data is updated before using 8.15. As a very simple check search for patterns like \'IPv6:[0-9a-fA-F:]
*::\' and \'IPv6::\'. If necessary, the prior format can be retained by compiling with: APPENDDEF(`conf_sendmail_ENVDEF\', `-DIPV6_FULL=0\') in your devtools/Site/site.config.m4 file.
* If a connection to the MTA is dropped by the client before its hostname can be validated, treat it as \"may be forged\", so that the unvalidated hostname is not passed to a milter in xxfi_connect().
* Add a timeout for communication with socket map servers which can be specified using the -d option.
* Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow numeric logins even if HESIOD is enabled. - sendmail 8.15.1
* The new option CertFingerprintAlgorithm specifies the finger- print algorithm (digest) to use for the presented cert. If the option is not set, md5 is used and the macro {cert_md5} contains the cert fingerprint. However, if the option is set, the specified algorithm (e.g., sha1) is used and the macro {cert_fp} contains the cert fingerprint. That is, as long as the option is not set, the behaviour does not change, but otherwise, {cert_md5} is superseded by {cert_fp} even if you set CertFingerprintAlgorithm to md5.
* The options ServerSSLOptions and ClientSSLOptions can be used to set SSL options for the server and client side respectively. See SSL_CTX_set_options(3) for a list. Note: this change turns on SSL_OP_NO_SSLv2 and SSL_OP_NO_TICKET for the client. See doc/op/op.me for details.
* The option CipherList sets the list of ciphers for STARTTLS. See ciphers(1) for possible values.
* Do not log \"STARTTLS: internal error: tls_verify_cb: ssl == NULL\" if a CRLFfile is in use (and LogLevel is 14 or higher.)
* Store a more specific TLS protocol version in ${tls_version} instead of a generic one, e.g., TLSv1 instead of TLSv1/SSLv3.
* Properly set {client_port} value on little endian machines. Patch from Kelsey Cummings of Sonic.net.
* Per RFC 3848, indicate in the Received: header whether SSL or SMTP AUTH was negotiated by setting the protocol clause to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP.
* If the \'C\' flag is listed as TLSSrvOptions the requirement for the TLS server to have a cert is removed. This only works under very specific circumstances and should only be used if the consequences are understood, e.g., clients may not work with a server using this.
* The options ClientCertFile, ClientKeyFile, ServerCertFile, and ServerKeyFile can take a second file name, which must be separated from the first with a comma (note: do not use any spaces) to set up a second cert/key pair. This can be used to have certs of different types, e.g., RSA and DSA.
* A new map type \"arpa\" is available to reverse an IP (IPv4 or IPv6) address. It returns the string for the PTR lookup, but without trailing {ip6,in-addr}.arpa.
* New operation mode \'C\' just checks the configuration file, e.g., sendmail -C new.cf -bC will perform a basic syntax/consistency check of new.cf.
* The mailer flag \'I\' is deprecated and will be removed in a future version.
* Allow local (not just TCP) socket connections to the server, e.g., O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock can be used.
* If the new option MaxQueueAge is set to a value greater than zero, entries in the queue will be retried during a queue run only if the individual retry time has been reached which is doubled for each attempt. The maximum retry time is limited by the specified value.
* New DontBlameSendmail option GroupReadableDefaultAuthInfoFile to relax requirement for DefaultAuthInfo file.
* Reset timeout after receiving a message to appropriate value if STARTTLS is in use. Based on patch by Kelsey Cummings of Sonic.net.
* Report correct error messages from the LDAP library for a range of small negative return values covering those used by OpenLDAP.
* Fix compilation with Berkeley DB 5.0 and 6.0. Patch from Allan E Johannesen of Worcester Polytechnic Institute.
* CONFIG: FEATURE(`nopercenthack\') takes one parameter: reject or nospecial which describes whether to disallow \"%\" in the local part of an address.
* DEVTOOLS: Fix regression in auto-detection of libraries when only shared libraries are available. Problem reported by Bryan Costales.
* LIBMILTER: Mark communication socket as close-on-exec in case a user\'s filter starts other applications. Based on patch from Paul Howarth.- Modified patches sendmail-8.14.9.dif becomes sendmail-8.15.2.dif sendmail-8.14.7-select.dif sendmail-8.14.8-m4header.patch sendmail-fd-passing-libmilter.patch Removed patches sendmail-db6.diff sendmail-8.14.7-warning.patch
* Tue Dec 01 2015 wernerAATTsuse.de- Do not enforce dependencies like for amavis and saslauthd
* Mon May 26 2014 wernerAATTsuse.de- Add patch sendmail-fd-passing-libmilter.patch from Debian sendmail maintainer Mikhail Gusarov to support systemd socket activation support also in libmilter (bnc#879790)- Be aware that /var/run is a symbolic link to /run a tmpfs file system
* Fri May 23 2014 wernerAATTsuse.de- Update to sendmail 8.14.9
* Properly set the close-on-exec flag for file descriptors (except stdin, stdout, and stderr) before executing mailers.
* Fix a misformed comment in conf.c: \"/
*\" within comment which may cause a compilation error on some systems. Problem reported by John Beck of Oracle.
* Fix regression in auto-detection of libraries when only shared libraries are available. Problem reported by Bryan Costales.- Modify patch sendmail-8.14.8.dif which is now sendmail-8.14.9.dif
* Wed Apr 02 2014 wernerAATTsuse.de- In systemd mail-transfer-agent.target is gone even if there are MTAs around which will be started without socket/bus activation
* Tue Apr 01 2014 wernerAATTsuse.de- Update to sendmail 8.14.8 (bnc#871258)
* Properly initialize all OpenSSL algorithms for versions before OpenSSL 0.9.8o. Without this SHA2 algorithms may not work properly, causing for example failures for certs that use sha256WithRSAEncryption as signature algorithm.
* When looking up hostnames, ensure only to return those records for the requested family (AF_INET or AF_INET6). On system that have NEEDSGETIPNODE and NETINET6 this may have failed and cause delivery problems. Problem noted by Kees Cook.
* A new mailer flag \'!\' is available to suppress an MH hack that drops an explicit From: header if it is the same as what sendmail would generate.
* Add an FFR (for future release) to use uncompressed IPv6 addresses, i.e., they will not contain \"::\". For example, instead of ::1 it will be 0:0:0:0:0:0:0:1. This means that configuration data (including maps, files, classes, custom ruleset, etc) have to use the same format. This will be turned on in 8.15. It can be enabled in 8.14 by compiling with: APPENDDEF(`conf_sendmail_ENVDEF\', `-D_FFR_IPV6_FULL\') in your devtools/Site/site.config.m4 file.
* Add an additional case for the WorkAroundBrokenAAAA check when dealing with broken nameservers by ignoring SERVFAIL errors returned on T_AAAA (IPv6) lookups at delivery time. Problem noted by Pavel Timofeev of OCS.
* If available, pass LOGIN_SETCPUMASK and LOGIN_SETLOGINCLASS to setusercontext() on deliveries as a different user. Patch from Edward Tomasz Napierala from FreeBSD.
* Add support for DHParameters 2048-bit primes.
* CONFIG: Accept IPv6 literals when evaluating the HELO/EHLO argument in FEATURE(`block_bad_helo\'). Suggested by Andrey Chernov.
* LIBSMDB: Add a missing check for malloc() in libsmdb/smndbm.c. Patch from Bill Parker.
* LIBSMDB: Fix minor memory leaks in libsmdb/ if allocations fail. Patch from John Beck of Oracle.
* Portability: On Linux use socklen_t as the type for the 3rd argument for getsockname/getpeername if the glibc version is at least 2.1.- Add patch sendmail-8.14.8-m4header.patch from upstream- Update patch sendmail-8.14.7.dif to sendmail-8.14.8.dif- Modify the service files to be able to restart if a reload fails as well as use sync targets nss-user-lookup.target and nss-lookup.target. Also propagate reload from main service to client service and install both
* Sun Mar 23 2014 wernerAATTsuse.de- Use _GNU_SOURCE in CFLAGS and %_smp_mflags at make, maybe related to bnc#865232, that is do not reset signal handler but SA_RESTART
* Wed Dec 18 2013 wernerAATTsuse.de- Do not use remote-fs.target but local-fs.target to make sure that failing remote/cifs shares let sendmail fail (bnc#855688)
* Tue Oct 08 2013 wernerAATTsuse.de- Add config.starttls script to ask mail/imap server for certificates
* Tue Oct 01 2013 wernerAATTsuse.de- Add saslauthd as optional requirement in the systemd service unit- Add SENDMAIL_MTA_MODIFIER and SENDMAIL_MTA_SSL_PORT to configuration- Split off SuSE specific file into a own tar ball- Avoid SysVinit boot scripts on systemd based systems
* Mon Sep 09 2013 wernerAATTsuse.de- Edit existing /etc/sysconfig/sendmail to add Command line (bnc#839033)- Add a config.sendmail script which calls the update script verbosely
* Thu Aug 08 2013 wernerAATTsuse.de- Use /etc/os-release instead of /etc/SuSE-release (bnc#833953)
* Mon Jul 15 2013 wernerAATTsuse.de- New rpm had removed \"prereq\" flag from installation script bits that is that `Requires(prereq)\' is not valid anymore :(((
* Sun Jun 16 2013 jengelhAATTinai.de- sendmail-8.14.7.dif forces the use of SSL and SASL libraries, so make sure the BuildRequires are there
* Fri Jun 14 2013 jengelhAATTinai.de- Add sendmail-db6.diff to fix compile abort with db >= 5
* Tue May 28 2013 fcrozatAATTsuse.com- Fix errors in systemd services (bnc#820858).
* Tue Apr 23 2013 wernerAATTsuse.de- Remove FAQ.sendmail-8.14 but use a html link to upstream support
* Tue Apr 23 2013 wernerAATTsuse.de- Update to sendmail 8.14.7
* Drop support for IPv4-mapped IPv6 addresses to prevent the MTA from using a mapped address over a legitimate IPv6 address and to enforce the proper semantics over the IPv6 connection. Problem noted by Ulrich Sporlein.
* Fix a regression introduced in 8.14.6: the wrong list of macros was sent to a milter in the EHLO stage. Problem found by Fabrice Bellet, reported via RedHat (Jaroslav Skarvada).
* Fix handling of ORCPT parameter for DSNs: xtext decoding was not performed and a wrong syntax check was applied to the \"addr-type\" field. Problem noted by Dan Lukes of Obludarium.
* Fix handling of NUL characters in the MIME conversion functions so that message bodies containing them will be sent on properly. Note: this usually also affects mails that are not converted as those functions are used for other purposes too. Problem noted by Elchonon Edelson of Lockheed Martin.
* Do not perform \"duplicate\" elimination of recipients if they resolve to the error mailer using a temporary failure (4xy) via ruleset 0. Problem noted by Akira Takahashi of IIJ.
* CONTRIB: Updated version of etrn.pl script from John Beck of Oracle.- Update to sendmail 8.14.6
* Fix a regression introduced in 8.14.5: if a server offers two AUTH lines, the MTA would not read them after STARTTLS has been used and hence SMTP AUTH for the client side would fail. Problem noted by Lena.
* Do not cache hostnames internally in a non case sensitive way as that may cause addresses to change from lower case to upper case or vice versa. These header modifications can cause problems with milters that rely on receiving headers in the same way as they are being sent out such as a DKIM signing milter.
* If MaxQueueChildren is set then it was possible that new queue runners could not be started anymore because an internal counter was subject to a race condition.
* If a milter decreases the timeout it waits for a communication with the MTA, the MTA might experience a write() timeout. In some situations, the resulting error might have been ignored. Problem noted by Werner Wiethege. Note: decreasing the communication timeout in a milter should not be done without considering the potential problems.
* smfi_setsymlist() now properly sets the list of macros for the milter which invoked it, instead of a global list for all milters. Problem reported by David Shrimpton of the University of Queensland.
* If Timeout.resolver.retrans is set to a value larger than 20, then resolver.retry was temporarily set to 0 for gethostbyaddr() lookups. Now it is set to 1 instead. Patch from Peter.
* If sendmail could not lock the statistics file due to a system error, and sendmail later sends a DSN for a mail that triggered such an error, then sendmail tried to access memory that was freed before (causing a crash on some systems). Problem reported by Ryan Stone.
* Do not log negative values for size= nor pri= to avoid confusing log parsers, instead limit the values to LONG_MAX.
* Account for an API change in newer versions of Cyrus-SASL. Patch from Hajimu UMEMOTO from FreeBSD.
* Do not try to resolve link-local addresses for IPv4 (just as it is done for IPv6). Patch from John Beck of Oracle.
* Improve logging of client and server STARTTLS connection failures that may be due to incompatible cipher lists by including the reason for the failure in a single log line. Suggested by James Carey of Boeing.- Drop sendmail-8.14.5-auth2.patch0 as this is part of 8.14.6- Add sendmail-8.14.7-warning.patch to avoid useless gcc warning- Refresh sendmail-8.14.7-select.dif- Refresh sendmail-8.14.7.dif
* Fri Oct 26 2012 cooloAATTsuse.com- explicit buildrequire on groff, called from spec file
* Thu Oct 11 2012 cooloAATTsuse.com- buildrequire netcfg explicitly
* Fri Jul 13 2012 wernerAATTsuse.de- Make if build even with older distributions
* Fri Jul 13 2012 wernerAATTsuse.de- Use UTF-8 messages
* Fri Jul 13 2012 wernerAATTsuse.de- Do not depend on broken umask in rpm scriptlets
* Tue Jun 19 2012 wernerAATTsuse.de- Make SuSEconfig.sendmail a standalone update script (fate#313548)
* Fri May 25 2012 wernerAATTsuse.de- Help to do systemctl the obvoisly (bnc#754544)
* Thu Feb 09 2012 cfarrellAATTsuse.com- license update: SUSE-Sendmail SUSE- proprietary prefix added until Sendmail is accepted as valid SPDX license at http://www.spdx.org/licenses
* Mon Nov 21 2011 wernerAATTsuse.de- Allow sendmail to authenticate as client to various mail servers in TLS mode even if servers send 2 headers (bnc#731658)
* Thu Aug 18 2011 wernerAATTsuse.de- Expand systemd configuration at build time
* Fri Aug 12 2011 wernerAATTsuse.de- Use Pre exec files for configuration on the fly
* Thu Aug 11 2011 wernerAATTsuse.de- Socket activation does not work for sendmail even with -bs on the command line of sendmail and StandardInput=socket
* Mon Aug 08 2011 wernerAATTsuse.de- The approach of using makefiles requires make for sendmail
* Fri Aug 05 2011 wernerAATTsuse.de- Make /var/run a ghost entry in spec as this is a tmpfs now and create it at start of sendmail if it does not exist (bnc#710279)- First try of using systemd unit configration files for both sendmail MTA and sendmail MT client. Try to start them on demand using systemd unit socket files for both local and remote network as well as systemd unit path file for local mail queue
* Tue May 31 2011 wernerAATTsuse.de- Update to sendmail 8.14.5
* Do not cache SMTP extensions across connections as the cache is based on hostname which may not be a unique identifier for a server, i.e., different machines may have the same hostname but provide different SMTP extensions. Problem noted by Jim Hermann.
* Avoid an out-of-bounds access in case a resolver reply for a DNS map lookup returns a size larger than 1K. Based on a patch from Dr. Werner Fink of SuSE.
* If a job is aborted using the interrupt signal (e.g., control-C from the keyboard), perform minimal cleanup to avoid invoking functions that are not signal-safe. Note: in previous versions the mail might have been queued up already and would be delivered subsequently, now an interrupt will always remove the queue files and thus prevent delivery.
* Per RFC 6176, when operating as a TLS client, do not offer SSLv2.
* Since TLS session resumption is never used as a client, disable use of RFC 4507-style session tickets.
* Work around gcc4 versions which reverse 25 years of history and no longer align char buffers on the stack, breaking calls to resolver functions on strict alignment platforms. Found by Stuart Henderson of OpenBSD.
* Read at most two AUTH lines from a server greeting (up to two lines are read because servers may use \"AUTH mechs\" and \"AUTH=mechs\"). Otherwise a malicious server may exhaust the memory of the client. Bug report by Nils of MWR InfoSecurity.
* Avoid triggering an assertion in the OpenLDAP code when the connection to an LDAP server is lost while making a query. Problem noted and patch provided by Andy Fiddaman.
* If ConnectOnlyTo is set and sendmail is compiled with NETINET6 it would try to use an IPv6 address if an IPv4 (or unparseable) address is specified.
* If SASLv2 is used, make sure that the macro {auth_authen} is stored in xtext format to avoid problems with parsing it. Problem noted by Christophe Wolfhugel.
* CONFIG: FEATURE(`ldap_routing\') in 8.14.4 tried to add a missing - T that is required, but failed for some cases that did not use LDAP. This change has been undone until a better solution can be implemented. Problem found by Andy Fiddaman.
* CONTRIB: qtool.pl: Deal with H entries that do not have a letter between the question marks. Patch from Stefan Christensen.
* DOC: Use a better description for the -i option in sendmail. Patch from Mitchell Berger.- Add defines for nanaosleep and socklen_t for linux in conf.h
* Tue Dec 07 2010 cooloAATTnovell.com- prereq init scripts network and syslog
* Thu Sep 30 2010 rhaferAATTnovell.com- Removed version-specific libdb-4_5-devel from BuildRequires to be able to build against newer libdb Versions.
* Fri Jul 16 2010 wernerAATTsuse.de- Newer killproc sends only SIGTERM as required by LSB if -TERM is specified on the command line. Use the default which is SIGTERM followed by SIGKILL if the timeout of 5 seconds is reached.
* Fri Feb 05 2010 wernerAATTsuse.de- Use upstream patch for bnc#559517
* Wed Jan 27 2010 wernerAATTsuse.de- Update to bug fix release sendmail 8.14.4
* Handle bogus certificates containing NUL characters in CNs by placing a string indicating a bad certificate in the {cn_subject} or {cn_issuer} macro. Patch inspired by Matthias Andree\'s changes for fetchmail.
* During the generation of a queue identifier an integer overflow could occur which might result in bogus characters being used. Based on patch from John Vannoy of Pepperdine University.
* Prevent a crash when a hostname lookup returns a seemingly valid result which contains a NULL pointer (this seems to be happening on some Linux versions).
* Fix overflow of an internal array when parsing some replies from a milter. Problem found by Scott Rotondo
* Fix handling of `b\' modifier for DaemonPortOptions on little endian machines for loopback address. Patch from John Beck of Sun Microsystems.
* Fix a potential memory leak in libsmdb/smdb1.c found by parfait. Based on patch from Jonathan Gray of OpenBSD.
* Fix memory leak that occurred when smfi_setsymlist() was used. Based on patch by Dan Lukes.- Add patch to avoid overflow of buffer for DNS resolver (bnc#559517)
  
ICM