Claus Assmann | 17 May 15:34

sendmail 8.14.5 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.5. This version fixes a few problems, including:

 o SMTP extensions are no longer cached across connections as the
   cache is based on hostname which may not be a unique identifier for
   a server, i.e., different machines may have the same hostname but
   provide different SMTP extensions.

 o An out-of-bounds access is avoided in case a resolver reply for a DNS
   map lookup returns a size larger than 1K.

 o The interrupt signal handler has been cleaned up to avoid invoking
   functions that are not signal-safe.

 o At most two AUTH lines are read from a server to avoid
   a DoS attack against the client (memory exhaustion).

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.5.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.5.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.5.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.5.tar.Z.sig

Claus Assmann | 31 Dec 00:37

sendmail 8.14.4 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.4. This version fixes some problems:

o some certificate authorities do not properly check the requests
  they are signing and hence allow spoofing via an embedded NUL in
  the CN entry. Some checks have been added to deal with "bogus"
  CNs (see below and doc/op/op.*).
o a workaround for a Linux resolver problem has been added to
  avoid core dumps.
o the value of headers, e.g., Precedence, Content-Type, et al., was
  not extracted correctly thus preventing them from being recognized
  properly; leading spaces were not stripped (which was an unintended
  side effect of an earlier change) and hence comparing them with
  expected values (e.g., "first-class" for Precedence) did not work.
o between 8.11.7 and 8.12.0 the length limitation on a return
  path was erroneously reduced.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.4.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.4.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.4.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.4.tar.Z.sig

Claus Assmann | 4 May 06:05

sendmail 8.14.3 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.3. This version fixes some bugs:

o the MTA accessed storage after it free()d it. This was a regression
  introduced in 8.14.2, but the bug only showed up on a few operating
  systems.
o ruleset processing: the function cataddr() could cause the
  addition of the BlankSub character between some tokens when it
  should not happen and thus failures in rule matching.  It seems
  that none of the default rules were affected by this bug and hence
  the problem did not show up for default configurations.
o the libmilter state engine did not deal correctly with milters
  that requested the omission of protocol steps during the negotiation
  callback.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.3.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.3.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.3.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.3.tar.Z.sig

MD5 signatures:

Claus Assmann | 2 Nov 03:34

sendmail 8.14.2 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.2 which fixes some problems, e.g.,

o an important bug in the milter function smfi_chgfrom() which could
  cause the loss of a message body.
o the handling of queued messages with 8 bit characters in From:
  or To: header which could be "mistaken" for internal control
  characters during a queue run and trigger various consistency checks.
o the handling of lines longer than MAXLINE-1 characters in certain
  cases.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.2.tar.Z.sig

MD5 signatures:
cf784b9f20c32949ae1f38f3eae29875 sendmail.8.14.2.tar.Z
f788d6986f12a81ac958195b045a529d sendmail.8.14.2.tar.Z.sig
1c1472365344ca8061d6453c43c9a831 sendmail.8.14.2.tar.gz
2ae4b6175a08e8a6cda992db20141d81 sendmail.8.14.2.tar.gz.sig

Claus Assmann | 4 Apr 05:17

sendmail 8.14.1 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.1 which fixes some bugs, e.g.,

o If a milter rejected a recipient the MTA still kept it in its list
  of recipients and delivered to it if the transaction was accepted.
o The new DaemonPortOptions which begin with a lower case character
  can now be set.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.1.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.1.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.1.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.1.tar.Z.sig

MD5 signatures:
42c93c00c09f884fe311ab2d3a6b6fef sendmail.8.14.1.tar.Z
54052771a405960d11f12e509afdb78f sendmail.8.14.1.tar.Z.sig
462bc9e00fdbef3a71b046b967c9a157 sendmail.8.14.1.tar.gz
109ea42fa9b377ac11b522b7857270a3 sendmail.8.14.1.tar.gz.sig

You either need the first two files or the third and fourth, i.e.,
the gzip'ed version or the compressed version and the corresponding

Claus Assmann | 1 Feb 16:52

sendmail 8.14.0 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.0 which has two "big" new features:

o headers are 8 bit "transparent".
o the milter API has been extended; some of these new features are:
  - New callback xxfi_negotiate() to determine the available
    protocol actions and features of the MTA at runtime
    and also to specify which of these a milter wants to use.
  - New callback xxfi_data() for the DATA command.
  - New callback xxfi_unknown() for unknown SMTP commands.
  - New return code SMFIS_SKIP can be used in the xxfi_body()
    callback to skip over further body chunks and directly advance
    to the xxfi_eom() callback.
  - A milter can be informed about rejected recipients too.
  - A milter can now specify itself the list of macros it wants
    to receive from the MTA.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.tar.Z.sig

Claus Assmann | 1 Jan 01:53

sendmail 8.14.0.Beta4 available for testing


sendmail 8.14.0.Beta4 is available for testing.  8.14 has basically
two "big" new features:

o headers are 8 bit "transparent".
o the milter API has been extended.

A complete list of changes can be found in the release notes (see
below).

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.Beta4.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.0.Beta4.tar.gz.sig

MD5 signatures:
ff4cdc09e1eb494fde638748febec5aa sendmail.8.14.0.Beta4.tar.gz
d03fe46fcfbd69d72a5adf5b7aedfe22 sendmail.8.14.0.Beta4.tar.gz.sig

Remember to check the PGP signatures of releases obtained via FTP or
HTTP.  The PGP signature was created using the Sendmail Signing
Key/2006, available on the web site (http://www.sendmail.org/) or
on the public key servers.

Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.


Claus Assmann | 9 Aug 18:19

sendmail 8.13.8 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.8.  It fixes some problems introduced in 8.13.7,
as well as some other bugs.  For a complete list of changes see the
release notes down below.

Remember to check the PGP signatures of releases obtained via FTP or
HTTP.

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at:

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.8.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.8.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.8.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.8.tar.Z.sig

MD5 signatures:

3607b2a33a1b060bba5d0fc27aaf87c5 sendmail.8.13.8.tar.Z
4bb40aab3465ec0a83f92fe11ce2de55 sendmail.8.13.8.tar.Z.sig
5f29c94b42e0bb74d546b2ae84203a1e sendmail.8.13.8.tar.gz
e4fca2afb92ba70a5c78bdfcd6720501 sendmail.8.13.8.tar.gz.sig

You either need the first two files or the third and fourth, i.e.,
the gzip'ed version or the compressed version and the corresponding
sig file.  The PGP signature was created using the Sendmail Signing
Key/2006, available on the web site (http://www.sendmail.org/) or

Claus Assmann | 14 Jun 18:05

sendmail 8.13.7 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.7.  It fixes a potential denial of service problem
caused by excessive recursion which leads to stack exhaustion when
attempting delivery of a malformed MIME message.  Therefore, the
function mime8to7() has been modified to limit the recursion level
at (the compile time constant) MAXMIMENESTING.  Note: This denial
of service attack only affects delivery of mail from the queue and
delivery of the malformed message.  Other incoming mail is still
accepted and delivered.  However, mail messages in the queue may
not be reattempted if a malformed MIME message exists.

For a complete list of changes see the release notes down below.

Remember to check the PGP signatures of releases obtained via FTP or
HTTP.

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at:

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.7.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.7.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.7.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.7.tar.Z.sig

MD5 signatures:

5327e065cb0c1919122c8cecbeddbc28 sendmail.8.13.7.tar.gz

Claus Assmann | 22 Mar 17:02

sendmail 8.13.6 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.6.  It contains a fix for a security problem
discovered by Mark Dowd of ISS X-Force.  Sendmail thanks ISS for
bringing this problem to our attention and reviewing the patch for
it.  sendmail 8.13.6 also includes fixes for other potential problems,
see the release notes below for more details.  Sendmail urges all
users to upgrade to sendmail 8.13.6.  If this is not possible,
patches for 8.13 and 8.12 are available at our FTP site.  However,
note that those patches may not (cleanly) apply to versions other
than 8.13.5 and 8.12.11, respectively.  There are no patches for
versions before 8.12 because those outdated versions use a different
I/O layer and hence it would require a major effort to rewrite that
layer.  For those not running the open source version, check with
your vendor for a patch.

For a complete list of changes see the release notes down below.

Remember to check the PGP signatures of releases obtained via FTP or
HTTP.

Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html

The version can be found at:

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.Z.sig

Claus Assmann | 17 Sep 05:09

sendmail 8.13.5 available


Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.13.5.  It fixes some bugs and adds support for various
newer operating system versions.  For a complete list of changes
please see the release notes below.

Please send bug reports to sendmail-bugs-2005@support.sendmail.org
and general feedback to sendmail-2005@support.sendmail.org. Please
send security reports to sendmail-security@sendmail.org using PGP
encryption.

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.5.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.5.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.5.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.5.tar.Z.sig

MD5 signatures:

2659473af89127900511397cf05d535a sendmail.8.13.5.tar.Z
43a45d5f3537a757a7cd1699a0e394fe sendmail.8.13.5.tar.Z.sig
f4550d8dcc55771f4a81e999c7d6df20 sendmail.8.13.5.tar.gz
564bbe27d41be7570a7640ed8a2a9caf sendmail.8.13.5.tar.gz.sig

You either need the first two files or the third and fourth, i.e.,
the gzip'ed version or the compressed version and the corresponding
sig file.  The PGP signature was created using the Sendmail Signing
Key/2005, available on the web site (http://www.sendmail.org/) or
on the public key servers.

