SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sendmail-8.13.1-1.i586.rpm :
Mon Aug 2 14:00:00 2004 PLD Team
All persons listed below can be reached at AATTpld.org.pl

$Log: sendmail.spec,v $
Revision 1.135 2004/08/02 15:26:06 kloczek
- updated to 8.13.1.

Revision 1.134 2004/06/21 14:00:45 kloczek
- updated to 8.13.0.

Revision 1.133 2004/04/18 05:49:09 kloczek
- release 3: rebuild against openldap 2.2.

Revision 1.132 2004/01/19 18:15:51 kloczek
- updated to 8.12.11.

Revision 1.131 2003/12/08 21:18:58 kloczek
- release 3: rebuild against db 4.2.50.

Revision 1.130 2003/12/06 14:47:16 kloczek
- BuildRequires: db-devel >= 4.2.50.

Revision 1.129 2003/09/17 23:22:09 kloczek
- move rename some files from %install to %prep (now -bi --short-circuit works
correctly).

Revision 1.128 2003/09/17 22:29:25 kloczek
- seems remove
*~ files from cf/ tree in %pres isn\'t neccessary.

Revision 1.127 2003/09/17 21:50:06 kloczek
- added no_groff_for_install_man_ages patch: goff doesn\'t now neccessatry
for install man pages provided in dist tar ball (
*roff is only used
for generate cat files),
- move remove
*~ files from cf/ tree to %prep.

Revision 1.126 2003/09/17 19:41:36 kloczek
- yupdated to 8.12.10,
- SECURITY FIXES:
- fix a buffer overflow in address parsing. Problem
detected by Michal Zalewski, patch from Todd C. Miller
of Courtesan Consulting.
- fix a potential buffer overflow in ruleset parsing. This problem
is not exploitable in the default sendmail configuration;
only if non-standard rulesets recipient (2), final (4), or
mailer-specific envelope recipients rulesets are used then
a problem may occur. Problem noted by Timo Sirainen.
- add several checks to avoid (theoretical) buffer over/underflows.
- other minor fixes.

Revision 1.125 2003/09/14 12:28:56 kloczek
- remove db3 bcond (use allways db).

Revision 1.124 2003/09/13 20:35:15 kloczek
- fixes for using coreutils.

Revision 1.123 2003/08/09 18:12:29 kloczek
- %config and %verifi rules cleanups and unifications.

Revision 1.122 2003/07/25 09:36:55 kloczek
- unify Requires rules for /sbin/chkconfig.

Revision 1.121 2003/03/29 19:44:14 misi3k
- security update to 8.12.9
BUGS (bugtraq):
SECURITY: Fix a buffer overflow in address parsing due to
a char to int conversion problem which is potentially
remotely exploitable. Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to
data that it receives from untrusted sources, which
includes DNS.
To provide partial protection to internal, unpatched sendmail MTAs,
8.12.9 changes by default (char)0xff to (char)0x7f in
headers etc. To turn off this conversion compile with
-DALLOW_255 or use the command line option -d82.101.
To provide partial protection for internal, unpatched MTAs that may be
performing 7->8 or 8->7 bit MIME conversions, the default
for MaxMimeHeaderLength has been changed to 2048/1024.
Note: this does have a performance impact, and it only
protects against frontal attacks from the outside.
To disable the checks and return to pre-8.12.9 defaults,

Revision 1.120 2003/03/14 19:53:03 djurban
- fixed build on without ldap

Revision 1.119 2003/03/05 07:28:29 kloczek
- merge ko translations from MIZI.

Revision 1.118 2003/03/03 18:52:16 qboosh
- security update to 8.12.8 (remote root by buf.ov. in message header parsing)

Revision 1.117 2003/02/13 14:05:25 juandon
- force to use openssl >= 0.9.7, idea by kloczek

Revision 1.116 2003/02/10 20:44:12 qboosh
- umask in scripts, other fixes/cosmetics where needed

Revision 1.115 2003/02/01 20:44:22 qboosh
- added -I/usr/include/sasl (it\'s ready for sasl2 now)
- changed pwcheck_method from pam to saslauthd (required by SASLv2)
- extended pam.d/smtp file basing on pam.d/cyrus (account is required by SASLv2)
- release 2


  
ICM