- rel 3

- added security patch
CVE: CAN-2003-0694
BUG:(bugtraq,lcamtuf):
There seems to be a remotely exploitable
vulnerability in Sendmail up to
and including the latest version, 8.12.9.
The problem lies in prescan() function,
but is not related to previous issues with this code.

Changed files:
    sendmail.spec -> 1.126

diff --git a/sendmail.spec b/sendmail.spec
index cc56c48d9cceeaeb5205e3c36cdfd83358f9fdf1..924b045a2057f5b868fd9b86d655f75abdfeee7a 100644 (file)
--- a/sendmail.spec
+++ b/sendmail.spec
@@ -17,7 +17,7 @@ Summary(tr):  Elektronik posta hizmetleri sunucusu
 Summary(uk):   ðÏÛÔÏ×ÉÊ ÔÒÁÎÓÐÏÒÔÎÉÊ ÁÇÅÎÔ sendmail
 Name:          sendmail
 Version:       8.12.9
-Release:       2
+Release:       3
 License:       BSD
 Group:         Networking/Daemons
 Source0:       ftp://ftp.sendmail.org/pub/sendmail/%{name}.%{version}.tar.gz
@@ -46,6 +46,7 @@ Patch5:               %{name}-redirect.patch
 Patch6:                %{name}-hprescan-dos.patch
 Patch7:                http://blue-labs.org/clue/bluelabs.patch-8.12.3
 Patch8:                %{name}-parseaddr.patch
+Patch9:                %{name}-prescan.patch
 BuildRequires: cyrus-sasl-devel
 %{?_with_db3:BuildRequires:    db3-devel}
 %{!?_with_db3:BuildRequires:   db-devel >= 4.1.25}
@@ -161,6 +162,7 @@ Sendmail - 
 %patch7 -p1
 %endif
 %patch8 -p1
+%patch9 -p1
 
 sed -e 's|@@PATH@@|\.\.|' < %{SOURCE6} > cf/cf/pld.mc