Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
sendmail 8.13.4 available
From: Claus Assmann (donotreplysendmail.org)
Date: Sun Mar 27 2005 - 19:48:13 CST
-----BEGIN PGP SIGNED MESSAGE-----
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.4. It fixes several bugs and omissions and adds
some additional checks to deal with situations that should not
occur. For a complete list of changes please see the release notes
Please send bug reports to sendmail-bugssendmail.org and general
feedback to sendmailsendmail.org. Please send security reports to
sendmail-securitysendmail.org using PGP encryption.
The version can be found at
You either need the first two files or the third and fourth, i.e.,
the gzip'ed version or the compressed version and the corresponding
sig file. The PGP signature was created using the Sendmail Signing
Key/2005, available on the web site (http://www.sendmail.org/) or
on the public key servers.
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.1730 2005/03/28 00:31:23 gshapiro Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
The bug fixes in 8.13.3 for connection handling uncovered a
different error which could result in connections that
stay in CLOSE_WAIT state due to a variable that was not
properly initialized. Problem noted by Michael Sims.
Deal with empty hostnames in hostsignature(). This bug could lead
to an endless loop when doing LMTP deliveries to another
host. Problem first reported by Martin Lathoud and
tracked down by Gael Roualland.
Make sure return parameters are initialized in getmxrr(). Problem
found by Gael Roualland using valgrind.
If shared memory is used and the RunAsUser option is set, then the
owner and group of the shared memory segment is set to
the ids specified RunAsUser and the access mode is set
to 0660 to allow for updates by sendmail processes.
The number of queue entries that is (optionally) kept in shared
memory was wrong in some cases, e.g., envelope splitting
and bounce generation.
Undo a change made in 8.13.0 to silently truncate long strings
in address rewriting because the message can be triggered
for header checks where long strings are legitimate.
Problem reported by Mary Verge DeSisto, and tracked
down with the help of John Beck of Sun Microsystems.
The internal stab map did not obey the -m flag. Patch from
Rob McMahon of Warwick University, England.
The socket map did not obey the -f flag. Problem noted by
Dan Ringdahl, forwarded by Andrzej Filip.
The addition of LDAP recursion in 8.13.0 broke enforcement of
the LDAP map -1 argument which tells the MTA to only
return success if and only if a single LDAP match is found.
Add additional error checks in the MTA for milter communication
to avoid a possible segmentation fault. Based on patch
by Joe Maimon.
Do not trigger an assertion if X509_digest() returns success but
does not assign a value to its output parameter. Based
on patch by Brian Kantor.
Add more checks when resetting internal AUTH data (applies only
to Cyrus SASL version 2). Otherwise an SMTP session might
be dropped after an AUTH failure.
Add LA_LONGLONG as valid LA_TYPE type for systems that use
"long long" to read load average data, e.g.,
AIX 5.1 in 32 bit mode. Note: this has to be set
"by hand", it is not (yet) automatically detected.
Problem noted by Burak Bilen.
Use socklen_t for accept(), etc. on AIX 5.x. This should
fix problems when compiling in 64 bit mode.
Problem first reported by Harry Meiert of
University of Bremen.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (OpenBSD)
-----END PGP SIGNATURE-----