File: changelog.Debian.8.12

package info (click to toggle)
sendmail 8.15.2-8%2Bdeb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 13,108 kB
  • sloc: ansic: 95,435; sh: 9,754; perl: 7,444; makefile: 817
file content (104 lines) | stat: -rw-r--r-- 4,174 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
sendmail (8.12.3-7.2) oldstable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Backported upstream patch to fix remote command execution
    [debian/patches/8.12/8.12.3/z_CVE-2006-0058.patch, VU#834865]

 -- Martin Schulze <joey@infodrom.org>  Wed, 22 Mar 2006 23:24:46 +0100

sendmail (8.12.3-7.1) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Corrected the patch to not use default settings for the sasldb
    [debian/local/update_auth.in, CAN-2004-0833]

 -- Martin Schulze <joey@infodrom.org>  Mon, 13 Sep 2004 09:07:18 +0200

sendmail (8.12.3-7) stable-security; urgency=high
    
  * Don't update sasldb with default settings (thanks Hugo) CAN-2004-0833

 -- Richard A Nelson (Rick) <cowboy@debian.org>  Mon, 06 Sep 2004 12:00:00 -0000

sendmail (8.12.3-6.6) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Fix vulnerability in ruleset parsing
    [debian/patches/8.12/8.12.3/CAN-2003-0681.patch]

 -- Matt Zimmerman <mdz@debian.org>  Wed, 17 Sep 2003 14:34:02 -0400

sendmail (8.12.3-6.5) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Fix vulnerability in parseaddr() which could be used to overwrite memory
    [debian/patches/8.12/8.12.3/CAN-2003-0694.patch]

 -- Matt Zimmerman <mdz@debian.org>  Tue, 16 Sep 2003 16:28:18 -0400

sendmail (8.12.3-6.4) stable-security; urgency=low

  * Non-maintainer upload by the Security Team
  * Create temporary files securely
    Report and patches from Paul Szabo <psz@maths.usyd.edu.au>
    [debian/checksendmail/checksendmail.perl,
     contrib/doublebounce.pl,
     contrib/expn.pl]
    (Closes: #173243)
  * Configure with --enable-bind=no and remove build-dep on bind-dev.
    Linking with libbind broke LDAP support in 8.12.3-5
    (Closes: #183434)
    [debian/rules, debian/build/rules.in]

 -- Matt Zimmerman <mdz@debian.org>  Thu, 24 Apr 2003 13:02:08 -0400

sendmail (8.12.3-6.3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Corrected the patch to fix a potentially remotely exploitable bug.

 -- Martin Schulze <joey@infodrom.org>  Fri,  4 Apr 2003 15:39:21 +0200

sendmail (8.12.3-6.2) stable-security; urgency=high

  * Non-maintainer upload by the Security Team
  * Fixed a buffer overflow in address parsing due to a char to int
    conversion problem which is potentially remotely exploitable found by
    Michal Zalewski. (VU#897604 CA-2003-12 CAN-2003-0161,
    debian/patches/8.12/8.12.3/security.parsaddr)
  * Force no optimization for arm - buggy compiler...

 -- Martin Schulze <joey@infodrom.org>  Tue,  1 Apr 2003 20:58:30 +0200

sendmail (8.12.3-5) stable-security; urgency=urgent

  * Finally, bring a working, installable (and removable) sendmail to
    Woody !!!
  * !!! A remote buffer overflow is squashed via upstream fix !!!
  * The following GRAVE bugs are fixed
    + sendmailconfig sets sm_path incorrectly (fixed in sid, but not woody)
    + sendmail_8.12.3-4 cannot install from scratch
    + sendmailconfig silly checks
    + sendmailconfig no longer works (due to update_conf location)
      Closes: #146331, #150179, #153908, #158445
  * The following Serious Policy Violations
    + sendmail preinst does not check for /etc/cron.d
      Closes: #154702
  * The following Important problems
    + Lots of syslog messages regarding SSL after upgrade, reinstall fails
      Closes: #158751 
  * The following Normal problems
    + sendmailconfig assumes incorrectly location of loadable modules
    + sendmail: package sendmail can't be removed/replaced
    + not having STARTTLS configured spams messages to the logs
    + sendmail: Installation fails to create SSL certificates
    + sendmail issues in Woody
      Closes: #160612, #162997, #170625, #169527, #171085, #171407
  * Included (at no additional charge)
    + Fix for numeric ids (got several mails on this - HESIOD problem)
    + Several upstream patches for MX, MSP, SMRSH and improved DNS handling
      that cleans up potential DOS issues

 -- Richard A Nelson (Rick) <cowboy@debian.org>  Tue, 21 Jan 2003 12:00:00 -0500

/* vim:set ai et tw=80 */