552078 – Sendmail 8.14.4 is released

Bug 552078 - Sendmail 8.14.4 is released

Summary: Sendmail 8.14.4 is released

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	sendmail
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Jaroslav Škarvada
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	http://www.sendmail.org/releases/8.14.4
Whiteboard:
Duplicates (1):	556574 (view as bug list)
Depends On:
Blocks:	CVE-2009-4565
TreeView+	depends on / blocked

Reported:	2010-01-03 22:48 UTC by Robert Scheck
Modified:	2010-02-08 10:54 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2010-02-08 10:54:57 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
sendmail-8.14.4-dynamic.patch (2.43 KB, patch) 2010-01-03 22:51 UTC, Robert Scheck	no flags	Details \| Diff
sendmail-8.14.4-makemapman.patch (1.85 KB, patch) 2010-01-03 22:53 UTC, Robert Scheck	no flags	Details \| Diff
sendmail-8.14.4-switchfile.patch (408 bytes, patch) 2010-01-03 22:54 UTC, Robert Scheck	no flags	Details \| Diff
View All

Description Robert Scheck 2010-01-03 22:48:44 UTC

Description of problem:
Sendmail, Inc., and the Sendmail Consortium announce the availability
of sendmail 8.14.4. This version fixes some problems:

o some certificate authorities do not properly check the requests
  they are signing and hence allow spoofing via an embedded NUL in
  the CN entry. Some checks have been added to deal with "bogus"
  CNs (see below and doc/op/op.*).
o a workaround for a Linux resolver problem has been added to
  avoid core dumps.
o the value of headers, e.g., Precedence, Content-Type, et.al., was
  not extracted correctly thus preventing them from being recognized
  properly; leading spaces were not stripped (which was an unintended
  side effect of an earlier change) and hence comparing them with
  expected values (e.g., "first-class" for Precedence) did not work.
o between 8.11.7 and 8.12.0 the length limitation on a return
  path was erroneously reduced.

Version-Release number of selected component (if applicable):
sendmail-8.14.3-10

Actual results:
A simple version bump and replacing/updating/removing a few patches should do
it. I'll attach an updated Patch3, Patch11 and Patch18. As far as I understand
things, Patch20 can be removed as fixed somehow else in upstream.

Expected results:
Upgrade to 8.14.4... ;-)

Comment 1 Robert Scheck 2010-01-03 22:51:11 UTC

Created attachment 381445 [details]
sendmail-8.14.4-dynamic.patch

Comment 2 Robert Scheck 2010-01-03 22:53:29 UTC

Created attachment 381446 [details]
sendmail-8.14.4-makemapman.patch

Comment 3 Robert Scheck 2010-01-03 22:54:01 UTC

Created attachment 381447 [details]
sendmail-8.14.4-switchfile.patch

Comment 4 Jaroslav Škarvada 2010-02-01 10:36:22 UTC

I am new package maintainer, thank you for patches, work on progress....

Comment 5 Jaroslav Škarvada 2010-02-02 13:23:57 UTC

*** Bug 556574 has been marked as a duplicate of this bug. ***

Comment 6 Jaroslav Škarvada 2010-02-04 07:04:12 UTC

https://koji.fedoraproject.org/koji/taskinfo?taskID=1962369
I will do some more testing before release.

Comment 7 Jaroslav Škarvada 2010-02-08 10:54:57 UTC

In rawhide, enjoy.

Note You need to log in before you can comment on or make changes to this bug.