NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Sendmail Announce> 2005-q1

sendmail 8.13.3 available

From: Claus Assmann (donotreplysendmail.org)
Date: Wed Jan 12 2005 - 11:40:48 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.3. It contains fixes for a regression that was
introduced in 8.13.2. Moreover, sendmail now keeps proper track of
closed connections and will not reuse them erroneously. As this is
the first sendmail release in 2005 a new key has been used to sign it;
the key is available in the file PGPKEYS and from the PGP keyservers.
KeyID: 0x1EF99251, fingerprint: 4B380E0B41E8FC79 E97E829B0423EC8A.

Note: Before these bug fixes more mails could be delivered to a
domain despite errors on the connection. In some cases the old
behavior is preferred because it more "aggressively" delivers mail,
but the new one is "correct" with respect to the algorithm that is
supposed to be implemented. On systems with large queues for single
domains this may cause a noticeable change in behavior if the MTAs
of the recipient domain close connections with an error that sendmail
considers persistent, e.g., 421.

Please send bug reports to sendmail-bugssendmail.org and general
feedback to sendmailsendmail.org. Please send security reports to
sendmail-securitysendmail.org using PGP encryption.

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.3.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.3.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.3.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.3.tar.Z.sig

MD5 signatures:

2809fbf9c8b067947b650d0128928d05 sendmail.8.13.3.tar.gz
f00716c2e96ed89de5a529605cabdefe sendmail.8.13.3.tar.gz.sig
d3b28815512f5fc015b6b1c8d8ef9c1a sendmail.8.13.3.tar.Z
fbe5f269c096469ca559b9ac3d0bf534 sendmail.8.13.3.tar.Z.sig

You either need the first two files or the third and fourth, i.e.,
the gzip'ed version or the compressed version and the corresponding
sig file. The PGP signature was created using the Sendmail Signing
Key/2005, available on the web site (http://www.sendmail.org/) or
on the public key servers.

Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.

   PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
   SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
   TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
   PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
   COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
   SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
   YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
   AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
   ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.

SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.1709 2005/01/12 04:32:31 ca Exp $

This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.

8.13.3/8.13.3 2005/01/11
        Enhance handling of I/O errors, especially EOF, when STARTTLS
                is active.
        Make sure a connection is not reused after it has been closed
                due to a 421 error. Problem found by Allan E Johannesen
                of Worcester Polytechnic Institute.
        Avoid triggering an assertion when sendmail is interrupted while
                closing a connection. Problem found by Allan E Johannesen
                of Worcester Polytechnic Institute.
        Regression: a change in 8.13.2 caused sendmail not to try the
                next MX host (or FallbackMXhost if configured) when, at
                connection open, the current server returns a 4xy or 5xy
                SMTP reply code. Problem noted by Mark Tranchant.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (OpenBSD)

iQCVAwUBQeTC4nCgJE0e+ZJRAQH79AP+Ox3rftqEQ20amxKBBeQ5imqlHh5W5lui
oMP4oD908vBB5lD4GYrCBMCJtpCpnU557kaHCSedELX61eT12oxwVWax0eVXWtwu
Mg9/grXbMkVQG8gFemgqMaVk8qDyFGP7TpXjJhqNWPf3OrKo5MMRE1F+V2372S9n
43YKScUg7QQ=
=wJdS
-----END PGP SIGNATURE-----

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]