From: Claus Assmann (sendmail+casendmail.org)
Date: Mon Jun 03 2002 - 11:22:03 CDT


    -----BEGIN PGP SIGNED MESSAGE-----

    Sendmail, Inc., and the Sendmail Consortium announce the availability
    of sendmail 8.12.4. It contains several bug fixes which are listed
    in the release notes given below. Please take a look at the new
    section FILE AND MAP PERMISSIONS in the topmost README file. A
    corresponding security advisory has been released. The default
    permissions for database files (including aliases) have been changed
    from 0644 to 0640.

    The version can be found at:

    ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.4.tar.gz
    ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.4.tar.Z
    ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.12.4.tar.sig

    MD5 signatures:

    74121c90862fecafb3db69dc144fc910 sendmail.8.12.4.tar.gz
    88549352ff7f17f94faddb885e9b49dd sendmail.8.12.4.tar.Z
    ec9073daf27242a95f738369ff41723c sendmail.8.12.4.tar.sig

    You only need one of the first two files (either the gzip'ed version or the
    compressed version). The .sig file contains the PGP signature of the tar
    file (after uncompressing it). The PGP signature was created using the
    Sendmail Signing Key/2002, available on the web site
    (http://www.sendmail.org/) or on the public key servers.

    Since sendmail 8.11 and later includes hooks to cryptography, the
    following information from OpenSSL applies to sendmail as well.

       PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
       SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
       TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
       PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
       COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
       SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
       YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
       AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
       ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

                            SENDMAIL RELEASE NOTES
          $Id: RELEASE_NOTES,v 8.1336 2002/06/03 13:21:25 ca Exp $

    This listing shows the version of the sendmail binary, the version
    of the sendmail configuration files, the date of release, and a
    summary of the changes in that release.

    8.12.4/8.12.4 2002/06/03
            SECURITY: Inherent limitations in the UNIX file locking model
                    can leave systems open to a local denial of service
                    attack. Be sure to read the "FILE AND MAP PERMISSIONS"
                    section of the top level README for more information.
                    Problem noted by lumpy.
            Use TempFileMode (defaults to 0600) for the permissions of PidFile
                    instead of 0644.
            Change the default file permissions for new alias database files
                    from 0644 to 0640. This can be overridden at compile time
                    by setting the DBMMODE macro.
            Fix a potential core dump problem if the environment variable
                    NAME is set. Problem noted by Beth A. Chaney of
                    Purdue University.
            Expand macros before passing them to libmilter. Problem noted
                    by Jose Marcio Martins da Cruz of Ecole Nationale
                    Superieure des Mines de Paris.
            Rewind the df (message body) before truncating it when libmilter
                    replaces the body of a message. Problem noted by Gisle Aas
                    of Active State.
            Change SMTP reply code for AUTH failure from 500 to 535 and the
                    initial zero-length response to "=" per RFC 2554. Patches
                    from Kenneth Murchison of Oceana Matrix Ltd.
            Do not try to fix broken message/rfc822 MIME attachments by
                    inserting a MIME-Version: header when MaxMimeHeaderLength
                    is set and no 8 to 7 bit conversion is needed. Based on
                    patch from Rehor Petr of ICZ (Czech Republic).
            Do not log "did not issue MAIL/EXPN/VRFY/ETRN" if the connection
                    is rejected anyway. Noted by Chris Loelke.
            Mention the submission mail queue in the mailq man page. Requested
                    by Bill Fenner of AT&T.
            Set ${msg_size} macro when reading a message from the command line
                    or the queue.
            Detach from shared memory before dropping privileges back to
                    user who started sendmail.
            If AllowBogusHELO is set to false (default) then also complain if
                    the argument to HELO/EHLO contains white space. Suggested
                    by Seva Gluschenko of Cronyx Plus.
            Allow symbolically linked forward files in writable directory paths
                    if both ForwardFileInUnsafeDirPath and
                    LinkedForwardFileInWritableDir DontBlameSendmail options
                    are set. Problem noted by Werner Spirk of
                    Leibniz-Rechenzentrum Munich.
            Portability:
                    Operating systems that lack the ftruncate() call will not
                            be able to use Milter's body replacement feature.
                            This only affects Altos, Maxion, and MPE/iX.
                    Digital UNIX 5.0 has changed flock() semantics to be
                            non-compliant. Problem noted by Martin Mokrejs of
                            Charles University in Prague.
                    The sparc64 port of FreeBSD 5.0 now supports shared
                            memory.
            CONFIG: FEATURE(`preserve_luser_host') needs the macro map.
                    Problem noted by Andrzej Filip.
            CONFIG: Using 'local:' as a mailertable value with
                    FEATURE(`preserve_luser_host') and LUSER_RELAY caused mail
                    to be misaddressed. Problem noted by Andrzej Filip.
            CONFIG: Provide a workaround for DNS based rejection lists that
                    fail for AAAA queries. Problem noted by Chris Boyd.
            CONFIG: Accept the machine's hostname as resolvable when checking
                    the sender address. This allows locally submitted mail to
                    be accepted if the machine isn't connected to a nameserver
                    and doesn't have an /etc/hosts entry for itself. Problem
                    noted by Robert Watson of the TrustedBSD Project.
            CONFIG: Use deferred expansion for checking the ${deliveryMode}
                    macro in case the SMTP VERB command is used. Problem
                    noted by Bryan Costales.
            CONFIG: Avoid a duplicate 'domain' virtusertable lookup if no
                    matches are found. Fix from Andrzej Filip.
            CONFIG: Fix wording in default dnsbl rejection message. Suggested
                    by Lou Katz of Metron Computerware, Ltd.
            CONFIG: Add mailer cyrusv2 for Cyrus V2. Contributed by
                    Kenneth Murchison of Oceana Matrix Ltd.
            CONTRIB: Fix wording in default dnsblaccess rejection message to
                    match dnsbl change.
            DEVTOOLS: Add new option for access mode of statistics file,
                    confSTMODE, which specifies the permissions when initially
                    installing the sendmail statistics file.
            LIBMILTER: Mark the listening socket as close-on-exec in case
                    a user's filter starts other applications.
            LIBSM: Allow the MBDB initialize, lookup, and/or terminate
                    functions in SmMbdbTypes to be set to NULL.
            MAKEMAP: Change the default file permissions for new databases from
                    0644 to 0640. This can be overridden at compile time
                    by setting the DBMMODE macro.
            SMRSH: Fix man page bug: replace SMRSH_CMDBIN with SMRSH_CMDDIR.
                    Problem noted by Dave Alden of Ohio State University.
            VACATION: When listing the vacation database (-l), don't show
                    bogus timestamps for excluded (-x) addresses. Problem
                    noted by Bryan Costales.
            New Files:
                    cf/mailer/cyrusv2.m4

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (OpenBSD)

    iQCVAwUBPPuNBM8etQMiMnoBAQFtjQQAuFXxd86tt5TBf92oQDYGlJfC6rrFnw6r
    mTDnF8HawNw062qtTMFNEmw2U4JDa3hpOmX7lEteK1TbRRk5/We/7zGgJoacPLx6
    8y60DmdVKbsKxNWjBDnSDboS9iIM+fbUAKw6TIP1z1S48ZyhRglEIbJuAZed30o0
    URolpAdfqVg=
    =/WpP
    -----END PGP SIGNATURE-----
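
The release notes change the default mode only for new alias and map database files (0644 to 0640), so files created by earlier versions keep their old mode. The following audit is an added example, not part of the announcement or of the sendmail distribution; the directory passed in and the `.db`/`.dir`/`.pag` suffixes are assumptions about how the maps are stored on a given host.

```shell
#!/bin/sh
# Added example: audit sendmail map/alias databases against the 0640 default
# introduced in 8.12.4. The directory argument and the file suffixes below
# are assumptions; adjust them to the local installation.

# Print every database file under $1 that grants any permission to "other".
# Only POSIX find primaries are used (-perm -mode), so this runs unchanged
# with GNU and BSD find.
world_accessible_maps() {
    find "$1" -type f \
        \( -name '*.db' -o -name '*.dir' -o -name '*.pag' \) \
        \( -perm -004 -o -perm -002 -o -perm -001 \) \
        -print | sort
}

# Return 0 when nothing is flagged; otherwise list the offenders on stderr
# and return 1 so the check can gate a cron job or a deployment step.
audit_maps() {
    flagged=$(world_accessible_maps "$1")
    if [ -n "$flagged" ]; then
        printf 'more permissive than 0640:\n%s\n' "$flagged" >&2
        return 1
    fi
    return 0
}

# Run the audit when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_maps "$1"
fi
```

Files it reports can be brought in line with the new default with `chmod 0640`, provided the group that owns them still covers every process that must read the map.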