BUGS (bugtraq):
SECURITY: Fix a buffer overflow in address parsing due to
a char to int conversion problem which is potentially
remotely exploitable. Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to
data that it receives from untrusted sources, which
includes DNS.
To provide partial protection to internal, unpatched sendmail MTAs,
8.12.9 changes by default (char)0xff to (char)0x7f in
headers etc. To turn off this conversion compile with
-DALLOW_255 or use the command line option -d82.101.
To provide partial protection for internal, unpatched MTAs that may be
performing 7->8 or 8->7 bit MIME conversions, the default
for MaxMimeHeaderLength has been changed to 2048/1024.
Note: this does have a performance impact, and it only
protects against frontal attacks from the outside.
To disable the checks and return to pre-8.12.9 defaults,
Changed files:
sendmail.spec -> 1.121
Summary(tr): Elektronik posta hizmetleri sunucusu
Summary(uk): ðÏÛÔÏ×ÉÊ ÔÒÁÎÓÐÏÒÔÎÉÊ ÁÇÅÎÔ sendmail
Name: sendmail
Summary(tr): Elektronik posta hizmetleri sunucusu
Summary(uk): ðÏÛÔÏ×ÉÊ ÔÒÁÎÓÐÏÒÔÎÉÊ ÁÇÅÎÔ sendmail
Name: sendmail
Release: 1
License: BSD
Group: Networking/Daemons
Release: 1
License: BSD
Group: Networking/Daemons
projects / packages / sendmail.git / commitdiff