Sendmail - 8.14.3
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.3. This version fixes some bugs:
- the MTA accessed storage after it free()d it. This was a regression
introduced in 8.14.2, but the bug only showed up on a few operating
systems.
- ruleset processing: the function cataddr() could cause the
addition of the BlankSub character between some tokens when it
should not happen and thus failures in rule matching. It seems
that none of the default rules were affected by this bug and hence
the problem did not show up for default configurations.
- the libmilter state engine did not deal correctly with milters
that requested the omission of protocol steps during the negotiation
callback.
For a full list of changes see the release notes down below.
Please send bug reports and general feedback to one of the usual addresses.
The version can be found at
or on a mirror near to you.
MD5 signatures:
ed4ad6abef116723b34fb52ead0fbb07 sendmail.8.14.3.tar.Z
3fbff190a332daa1b20c308f510cb7a1 sendmail.8.14.3.tar.Z.sig
a5ee5d26e1f546a2da5fb9a513bd6bce sendmail.8.14.3.tar.gz
c05f03de138d49b6dd97bf01744e7932 sendmail.8.14.3.tar.gz.sig
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.1926 2008/05/03 03:34:26 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.14.3/8.14.3 2008/05/03
During ruleset processing the generation of a key for a map
lookup and the parsing of the default value was broken
for some macros, e.g., $|, which caused the BlankSub
character to be inserted into the workspace and thus
failures, e.g., rules that should have matched did not.
8.14.2 caused a regression: it accessed (macro) storage which was
freed before. First instance of the problem reported by
Matthew Dillon of DragonFlyBSD; variations of the same
bug reported by Todd C. Miller of OpenBSD, Moritz
Jodeit, and Dave Hayes.
Improve pathname length checks for persistent host status. Patch
from Joerg Sonnenberger of DragonFlyBSD.
Reword misleading SMTP reply text for FEATURE(`badmx'). Problem
noted by Beth Halsema.
The read timeout was fixed to be Timeout.datablock if STARTTLS
was activated. This may cause problems if that value
is lowered from its default. Problem noted by Jens Elkner.
CONFIG: Using LOCAL_TLS_CLIENT caused the tls_client ruleset
to operate incorrectly. Problem found by Werner Wiethege.
LIBMILTER: Omitting some protocol steps via the xxfi_negotiate()
callback did not work properly. The patchlevel of
libmilter has been set to 1 so a milter can determine
whether libmilter contains this fix.
MAKEMAP: If a delimiter is specified (-t) use that also when
dumping a map. Patch from Todd C. Miller of OpenBSD.
Portability:
Add support for Darwin 9.x (Mac OS X 10.5).
Support shared libraries in Darwin 8 and 9. Patch from
Chris Behrens of Concentric.
Add support for SCO OpenServer 6, patch from Boyd Gerber.
DEVTOOLS: Clarify that confSHAREDLIBDIR requires a trailing path.
Added Files:
devtools/OS/Darwin.9.x
devtools/OS/OSR.i386