info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
sendmail 8.14.6 available
43 views
Skip to first unread message
Claus Assmann
Dec 23, 2012, 6:44:24 PM12/23/12
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.6. This version fixes a few problems, including:
o If a server offers two AUTH lines, the MTA would not read them
after STARTTLS has been used and hence SMTP AUTH for the client
side would fail.
o Hostnames are no longer cached internally in a non case
sensitive way as that may cause addresses to change from
lower case to upper case or vice versa.
o It was possible that new queue runners could not be started
anymore if MaxQueueChildren was set.
A complete list of changes can be found in the release notes (see
below).
Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html
The version can be found at
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.Z.sig
MD5 signatures:
MD5 (sendmail.8.14.6.tar.Z) = fea8951e7ccd0d6150fb63da1fb4c29a
MD5 (sendmail.8.14.6.tar.Z.sig) = 83cb2970fc06dcf842ce72f05938121b
MD5 (sendmail.8.14.6.tar.gz) = 9eeed3d1baecbf4e17d829d2ec005553
MD5 (sendmail.8.14.6.tar.gz.sig) = efb5697ceec739b72d888e95e779daeb
You either need the first two files or the third and fourth,
i.e., the gzip'ed version or the compressed version and the
corresponding sig file. The PGP signature was created using
the Sendmail Signing Key/2012, available on the web site
(http://www.sendmail.com/sm/open_source/download/) or on
the public key servers.
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.2011 2012/12/21 18:42:16 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.14.6/8.14.6 2012/12/23
Fix a regression introduced in 8.14.5: if a server offers
two AUTH lines, the MTA would not read them after
STARTTLS has been used and hence SMTP AUTH for
the client side would fail. Problem noted by Lena.
Do not cache hostnames internally in a non case sensitive way
as that may cause addresses to change from lower case
to upper case or vice versa. These header modifications
can cause problems with milters that rely on receiving
headers in the same way as they are being sent out such
as a DKIM signing milter.
If MaxQueueChildren is set then it was possible that new queue
runners could not be started anymore because an
internal counter was subject to a race condition.
If a milter decreases the timeout it waits for a communication
with the MTA, the MTA might experience a write() timeout.
In some situations, the resulting error might have been
ignored. Problem noted by Werner Wiethege.
Note: decreasing the communication timeout in a milter
should not be done without considering the potential
problems.
smfi_setsymlist() now properly sets the list of macros for
the milter which invoked it, instead of a global
list for all milters. Problem reported by
David Shrimpton of the University of Queensland.
If Timeout.resolver.retrans is set to a value larger than 20,
then resolver.retry was temporarily set to 0 for
gethostbyaddr() lookups. Now it is set to 1 instead.
Patch from Peter.
If sendmail could not lock the statistics file due to a system
error, and sendmail later sends a DSN for a mail that
triggered such an error, then sendmail tried to access
memory that was freed before (causing a crash on some
systems). Problem reported by Ryan Stone.
Do not log negative values for size= nor pri= to avoid confusing
log parsers, instead limit the values to LONG_MAX.
Account for an API change in newer versions of Cyrus-SASL.
Patch from Hajimu UMEMOTO from FreeBSD.
Do not try to resolve link-local addresses for IPv4 (just as it
is done for IPv6). Patch from John Beck of Oracle.
Improve logging of client and server STARTTLS connection failures
that may be due to incompatible cipher lists by including
the reason for the failure in a single log line. Suggested
by James Carey of Boeing.
Portability:
Add support for Darwin 11.x and 12.x (Mac OS X 10.7 and 10.8).
Add support for SunOS 5.12 (aka Solaris 12). Patch from
John Beck of Oracle.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (OpenBSD)
iQEcBAEBAgAGBQJQ10J7AAoJEI5a6fvO7vQ7iJoH/RwdM+5AGy/YIWybTRP14OqL
Y4Lx1oIgRu/BFbsFGNtOCIyzDDIy3CHkkbhmeCXcBCI3gI8n7Gpt23fSv3nPRrC2
o/b/GUFawcw2495ofnKdwvQZWRDbRqQeupYYB++9uzNYfHePpPuPc9vzUEEZBjtS
NOBJ9ZBP6mJFkbgmpRL8U6WWQvQbPsK67YBwimy0qgLpFaNamVaVoOMigRoAHhq6
Fk8M8wNkSHLmSunTopNp81GJHlIpmdA2EUvnxrjGRI3Z4oyOfzlI/I1cNQshbOxN
oyebTKs1RofYiQ1HSfwAGOJNLkoqY1WUXSGDK9U99mVFpwNH3fDL/3ybiqMGL8Y=
=9iCX
-----END PGP SIGNATURE-----
Hash: SHA1
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.6. This version fixes a few problems, including:
o If a server offers two AUTH lines, the MTA would not read them
after STARTTLS has been used and hence SMTP AUTH for the client
side would fail.
o Hostnames are no longer cached internally in a non case
sensitive way as that may cause addresses to change from
lower case to upper case or vice versa.
o It was possible that new queue runners could not be started
anymore if MaxQueueChildren was set.
A complete list of changes can be found in the release notes (see
below).
Please send bug reports and general feedback to one of the addresses
listed at: http://www.sendmail.org/email-addresses.html
The version can be found at
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.6.tar.Z.sig
MD5 signatures:
MD5 (sendmail.8.14.6.tar.Z) = fea8951e7ccd0d6150fb63da1fb4c29a
MD5 (sendmail.8.14.6.tar.Z.sig) = 83cb2970fc06dcf842ce72f05938121b
MD5 (sendmail.8.14.6.tar.gz) = 9eeed3d1baecbf4e17d829d2ec005553
MD5 (sendmail.8.14.6.tar.gz.sig) = efb5697ceec739b72d888e95e779daeb
You either need the first two files or the third and fourth,
i.e., the gzip'ed version or the compressed version and the
corresponding sig file. The PGP signature was created using
the Sendmail Signing Key/2012, available on the web site
(http://www.sendmail.com/sm/open_source/download/) or on
the public key servers.
Since sendmail 8.11 and later includes hooks to cryptography, the
following information from OpenSSL applies to sendmail as well.
PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
SENDMAIL RELEASE NOTES
$Id: RELEASE_NOTES,v 8.2011 2012/12/21 18:42:16 ca Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.14.6/8.14.6 2012/12/23
Fix a regression introduced in 8.14.5: if a server offers
two AUTH lines, the MTA would not read them after
STARTTLS has been used and hence SMTP AUTH for
the client side would fail. Problem noted by Lena.
Do not cache hostnames internally in a non case sensitive way
as that may cause addresses to change from lower case
to upper case or vice versa. These header modifications
can cause problems with milters that rely on receiving
headers in the same way as they are being sent out such
as a DKIM signing milter.
If MaxQueueChildren is set then it was possible that new queue
runners could not be started anymore because an
internal counter was subject to a race condition.
If a milter decreases the timeout it waits for a communication
with the MTA, the MTA might experience a write() timeout.
In some situations, the resulting error might have been
ignored. Problem noted by Werner Wiethege.
Note: decreasing the communication timeout in a milter
should not be done without considering the potential
problems.
smfi_setsymlist() now properly sets the list of macros for
the milter which invoked it, instead of a global
list for all milters. Problem reported by
David Shrimpton of the University of Queensland.
If Timeout.resolver.retrans is set to a value larger than 20,
then resolver.retry was temporarily set to 0 for
gethostbyaddr() lookups. Now it is set to 1 instead.
Patch from Peter.
If sendmail could not lock the statistics file due to a system
error, and sendmail later sends a DSN for a mail that
triggered such an error, then sendmail tried to access
memory that was freed before (causing a crash on some
systems). Problem reported by Ryan Stone.
Do not log negative values for size= nor pri= to avoid confusing
log parsers, instead limit the values to LONG_MAX.
Account for an API change in newer versions of Cyrus-SASL.
Patch from Hajimu UMEMOTO from FreeBSD.
Do not try to resolve link-local addresses for IPv4 (just as it
is done for IPv6). Patch from John Beck of Oracle.
Improve logging of client and server STARTTLS connection failures
that may be due to incompatible cipher lists by including
the reason for the failure in a single log line. Suggested
by James Carey of Boeing.
Portability:
Add support for Darwin 11.x and 12.x (Mac OS X 10.7 and 10.8).
Add support for SunOS 5.12 (aka Solaris 12). Patch from
John Beck of Oracle.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (OpenBSD)
iQEcBAEBAgAGBQJQ10J7AAoJEI5a6fvO7vQ7iJoH/RwdM+5AGy/YIWybTRP14OqL
Y4Lx1oIgRu/BFbsFGNtOCIyzDDIy3CHkkbhmeCXcBCI3gI8n7Gpt23fSv3nPRrC2
o/b/GUFawcw2495ofnKdwvQZWRDbRqQeupYYB++9uzNYfHePpPuPc9vzUEEZBjtS
NOBJ9ZBP6mJFkbgmpRL8U6WWQvQbPsK67YBwimy0qgLpFaNamVaVoOMigRoAHhq6
Fk8M8wNkSHLmSunTopNp81GJHlIpmdA2EUvnxrjGRI3Z4oyOfzlI/I1cNQshbOxN
oyebTKs1RofYiQ1HSfwAGOJNLkoqY1WUXSGDK9U99mVFpwNH3fDL/3ybiqMGL8Y=
=9iCX
-----END PGP SIGNATURE-----
0 new messages