Package: sendmail | Debian Sources

Package: sendmail / 8.15.2-22+deb11u3

Metadata

Package	Version	Patches format
sendmail	8.15.2-22+deb11u3	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
control_c \| (download)	sendmail/control.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	make control socket mode 0660
cyrusv2.m4.debian \| (download)	cf/mailer/cyrusv2.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
drac \| (download)	cf/feature/drac.m4 \| 5 5 + 0 - 0 ! cf/m4/proto.m4 \| 7 7 + 0 - 0 ! 2 files changed, 12 insertions(+)	---
kerberos \| (download)	sendmail/conf.c \| 7 7 + 0 - 0 ! 1 file changed, 7 insertions(+)	---
kfreebsd \| (download)	devtools/bin/Build \| 1 1 + 0 - 0 ! include/sm/conf.h \| 70 68 + 2 - 0 ! include/sm/os/sm_os_linux.h \| 32 18 + 14 - 0 ! 3 files changed, 87 insertions(+), 16 deletions(-)	---
local_procmail \| (download)	cf/feature/local_procmail.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	remove -y from procmail arguments
mailer_cyrus \| (download)	cf/mailer/cyrus.m4 \| 6 3 + 3 - 0 ! 1 file changed, 3 insertions(+), 3 deletions(-)	---
mailer_fax \| (download)	cf/mailer/fax.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	/usr/bin/faxmail, !/usr/local/bin/faxmail
maxseq \| (download)	sendmail/conf.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
rmail.odi \| (download)	rmail/rmail.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	change sendmail call -obq to -obi
hard code lockf.patch \| (download)	mail.local/mail.local.c \| 23 2 + 21 - 0 ! 1 file changed, 2 insertions(+), 21 deletions(-)	---
lock mail local.diff \| (download)	mail.local/mail.local.c \| 46 23 + 23 - 0 ! 1 file changed, 23 insertions(+), 23 deletions(-)	fix order of fcntl and dotlock in mail.local
fix_linkage \| (download)	devtools/M4/UNIX/defines.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
raise max daemons.patch \| (download)	sendmail/conf.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	hard-coded "10" is not enough to listen on both ipv4 and ipv6 with a minimal configuration of MTA, MSA, and MSASSL on both localhost and primary interface (12 daemons). Raise limit to 64.
hurd.patch \| (download)	include/sm/conf.h \| 47 39 + 8 - 0 ! 1 file changed, 39 insertions(+), 8 deletions(-)	fix building for hurd
manpage section.patch \| (download)	sendmail/newaliases.1 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	move newaliases to man section 8
socket_activation.patch \| (download)	libmilter/docs/smfi_setconn.html \| 1 1 + 0 - 0 ! libmilter/listener.c \| 27 24 + 3 - 0 ! 2 files changed, 25 insertions(+), 3 deletions(-)	systemd-like socket activation support for libmilter
install_static_libs.patch \| (download)	libmilter/Makefile.m4 \| 1 1 + 0 - 0 ! libsm/Makefile.m4 \| 2 2 + 0 - 0 ! libsmutil/Makefile.m4 \| 2 2 + 0 - 0 ! 3 files changed, 5 insertions(+)	make the static libraries installable via the sendmail build system
shared_libmilter.patch \| (download)	libmilter/Makefile.m4 \| 22 22 + 0 - 0 ! 1 file changed, 22 insertions(+)	support building a shared libmilter
hyphenation.patch \| (download)	contrib/etrn.0 \| 6 3 + 3 - 0 ! contrib/qtool.8 \| 8 4 + 4 - 0 ! mail.local/mail.local.8 \| 4 2 + 2 - 0 ! sendmail/mailq.1 \| 2 1 + 1 - 0 ! sendmail/newaliases.1 \| 2 1 + 1 - 0 ! sendmail/sendmail.8 \| 2 1 + 1 - 0 ! vacation/vacation.1 \| 8 4 + 4 - 0 ! 7 files changed, 16 insertions(+), 16 deletions(-)	fix hyphen-used-as-minus-sign
fhs.patch \| (download)	sendmail/sendmail.8 \| 2 1 + 1 - 0 ! smrsh/README \| 34 17 + 17 - 0 ! smrsh/smrsh.8 \| 8 4 + 4 - 0 ! 3 files changed, 22 insertions(+), 22 deletions(-)	adjust some paths in the documentation according to fhs-compliant choices in debian
typos.patch \| (download)	contrib/expn.pl \| 6 3 + 3 - 0 ! sendmail/sendmail.8 \| 2 1 + 1 - 0 ! 2 files changed, 4 insertions(+), 4 deletions(-)	fix typos
format security.patch \| (download)	sendmail/envelope.c \| 4 2 + 2 - 0 ! sendmail/parseaddr.c \| 2 1 + 1 - 0 ! sendmail/srvrsmtp.c \| 34 27 + 7 - 0 ! 3 files changed, 30 insertions(+), 10 deletions(-)	fix ftbfs with -werror=format-security If a message string from an (untrusted) external source may start with a smtp status code ("123 4.5.6 Foobar"), we cannot sanitize this via ("%s", string) since the status code is expected as part of the format string. Therefore verify that the message string contains no formatting codes before passing it as the format string. Add a dummy argument to suppress the "format not a string literal and no format arguments" error in this case.
openssl 1.1.0.patch \| (download)	doc/op/op.me \| 2 1 + 1 - 0 ! sendmail/tls.c \| 163 123 + 40 - 0 ! 2 files changed, 124 insertions(+), 41 deletions(-)	[patch] sendmail: compile against openssl 1.1.0 Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
connect from null.patch \| (download)	sendmail/main.c \| 13 12 + 1 - 0 ! 1 file changed, 12 insertions(+), 1 deletion(-)	fix noqueue: connect from (null)
log stop at debug level.patch \| (download)	libmilter/listener.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	log mi_stop flag at debug level when closing socket
glibc 2.30.patch \| (download)	libmilter/sm_gethost.c \| 6 4 + 2 - 0 ! sendmail/conf.c \| 6 4 + 2 - 0 ! 2 files changed, 8 insertions(+), 4 deletions(-)	---
0024 CVE 2023 51765.patch \| (download)	RELEASE_NOTES \| 24 23 + 1 - 0 ! libsm/lowercase.c \| 168 168 + 0 - 0 ! sendmail/collect.c \| 204 156 + 48 - 0 ! sendmail/main.c \| 5 3 + 2 - 0 ! sendmail/mime.c \| 8 4 + 4 - 0 ! sendmail/sendmail.h \| 19 17 + 2 - 0 ! sendmail/srvrsmtp.c \| 265 182 + 83 - 0 ! sendmail/usersmtp.c \| 11 9 + 2 - 0 ! sendmail/util.c \| 2 1 + 1 - 0 ! 9 files changed, 563 insertions(+), 143 deletions(-)	cve-2023-51765 sendmail allowed SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
reject_nul.patch \| (download)	cf/m4/proto.m4 \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	add configurable 'o rejectnul' to *.cf

Patch	File delta	Description
control_c \| (download)	sendmail/control.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	make control socket mode 0660
cyrusv2.m4.debian \| (download)	cf/mailer/cyrusv2.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
drac \| (download)	cf/feature/drac.m4 \| 5 5 + 0 - 0 ! cf/m4/proto.m4 \| 7 7 + 0 - 0 ! 2 files changed, 12 insertions(+)	---
kerberos \| (download)	sendmail/conf.c \| 7 7 + 0 - 0 ! 1 file changed, 7 insertions(+)	---
kfreebsd \| (download)	devtools/bin/Build \| 1 1 + 0 - 0 ! include/sm/conf.h \| 70 68 + 2 - 0 ! include/sm/os/sm_os_linux.h \| 32 18 + 14 - 0 ! 3 files changed, 87 insertions(+), 16 deletions(-)	---
local_procmail \| (download)	cf/feature/local_procmail.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	remove -y from procmail arguments
mailer_cyrus \| (download)	cf/mailer/cyrus.m4 \| 6 3 + 3 - 0 ! 1 file changed, 3 insertions(+), 3 deletions(-)	---
mailer_fax \| (download)	cf/mailer/fax.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	/usr/bin/faxmail, !/usr/local/bin/faxmail
maxseq \| (download)	sendmail/conf.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
rmail.odi \| (download)	rmail/rmail.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	change sendmail call -obq to -obi
hard code lockf.patch \| (download)	mail.local/mail.local.c \| 23 2 + 21 - 0 ! 1 file changed, 2 insertions(+), 21 deletions(-)	---
lock mail local.diff \| (download)	mail.local/mail.local.c \| 46 23 + 23 - 0 ! 1 file changed, 23 insertions(+), 23 deletions(-)	fix order of fcntl and dotlock in mail.local
fix_linkage \| (download)	devtools/M4/UNIX/defines.m4 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
raise max daemons.patch \| (download)	sendmail/conf.h \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	hard-coded "10" is not enough to listen on both ipv4 and ipv6 with a minimal configuration of MTA, MSA, and MSASSL on both localhost and primary interface (12 daemons). Raise limit to 64.
hurd.patch \| (download)	include/sm/conf.h \| 47 39 + 8 - 0 ! 1 file changed, 39 insertions(+), 8 deletions(-)	fix building for hurd
manpage section.patch \| (download)	sendmail/newaliases.1 \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	move newaliases to man section 8
socket_activation.patch \| (download)	libmilter/docs/smfi_setconn.html \| 1 1 + 0 - 0 ! libmilter/listener.c \| 27 24 + 3 - 0 ! 2 files changed, 25 insertions(+), 3 deletions(-)	systemd-like socket activation support for libmilter
install_static_libs.patch \| (download)	libmilter/Makefile.m4 \| 1 1 + 0 - 0 ! libsm/Makefile.m4 \| 2 2 + 0 - 0 ! libsmutil/Makefile.m4 \| 2 2 + 0 - 0 ! 3 files changed, 5 insertions(+)	make the static libraries installable via the sendmail build system
shared_libmilter.patch \| (download)	libmilter/Makefile.m4 \| 22 22 + 0 - 0 ! 1 file changed, 22 insertions(+)	support building a shared libmilter
hyphenation.patch \| (download)	contrib/etrn.0 \| 6 3 + 3 - 0 ! contrib/qtool.8 \| 8 4 + 4 - 0 ! mail.local/mail.local.8 \| 4 2 + 2 - 0 ! sendmail/mailq.1 \| 2 1 + 1 - 0 ! sendmail/newaliases.1 \| 2 1 + 1 - 0 ! sendmail/sendmail.8 \| 2 1 + 1 - 0 ! vacation/vacation.1 \| 8 4 + 4 - 0 ! 7 files changed, 16 insertions(+), 16 deletions(-)	fix hyphen-used-as-minus-sign
fhs.patch \| (download)	sendmail/sendmail.8 \| 2 1 + 1 - 0 ! smrsh/README \| 34 17 + 17 - 0 ! smrsh/smrsh.8 \| 8 4 + 4 - 0 ! 3 files changed, 22 insertions(+), 22 deletions(-)	adjust some paths in the documentation according to fhs-compliant choices in debian
typos.patch \| (download)	contrib/expn.pl \| 6 3 + 3 - 0 ! sendmail/sendmail.8 \| 2 1 + 1 - 0 ! 2 files changed, 4 insertions(+), 4 deletions(-)	fix typos
format security.patch \| (download)	sendmail/envelope.c \| 4 2 + 2 - 0 ! sendmail/parseaddr.c \| 2 1 + 1 - 0 ! sendmail/srvrsmtp.c \| 34 27 + 7 - 0 ! 3 files changed, 30 insertions(+), 10 deletions(-)	fix ftbfs with -werror=format-security If a message string from an (untrusted) external source may start with a smtp status code ("123 4.5.6 Foobar"), we cannot sanitize this via ("%s", string) since the status code is expected as part of the format string. Therefore verify that the message string contains no formatting codes before passing it as the format string. Add a dummy argument to suppress the "format not a string literal and no format arguments" error in this case.
openssl 1.1.0.patch \| (download)	doc/op/op.me \| 2 1 + 1 - 0 ! sendmail/tls.c \| 163 123 + 40 - 0 ! 2 files changed, 124 insertions(+), 41 deletions(-)	[patch] sendmail: compile against openssl 1.1.0 Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
connect from null.patch \| (download)	sendmail/main.c \| 13 12 + 1 - 0 ! 1 file changed, 12 insertions(+), 1 deletion(-)	fix noqueue: connect from (null)
log stop at debug level.patch \| (download)	libmilter/listener.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	log mi_stop flag at debug level when closing socket
glibc 2.30.patch \| (download)	libmilter/sm_gethost.c \| 6 4 + 2 - 0 ! sendmail/conf.c \| 6 4 + 2 - 0 ! 2 files changed, 8 insertions(+), 4 deletions(-)	---
0024 CVE 2023 51765.patch \| (download)	RELEASE_NOTES \| 24 23 + 1 - 0 ! libsm/lowercase.c \| 168 168 + 0 - 0 ! sendmail/collect.c \| 204 156 + 48 - 0 ! sendmail/main.c \| 5 3 + 2 - 0 ! sendmail/mime.c \| 8 4 + 4 - 0 ! sendmail/sendmail.h \| 19 17 + 2 - 0 ! sendmail/srvrsmtp.c \| 265 182 + 83 - 0 ! sendmail/usersmtp.c \| 11 9 + 2 - 0 ! sendmail/util.c \| 2 1 + 1 - 0 ! 9 files changed, 563 insertions(+), 143 deletions(-)	cve-2023-51765 sendmail allowed SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
reject_nul.patch \| (download)	cf/m4/proto.m4 \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	add configurable 'o rejectnul' to *.cf