Patch-ID# 107685-11 Keywords: security sendmail header rst mailstats makemap buffer underflow Synopsis: SunOS 5.7_x86: sendmail patch Date: Apr/28/2004 Install Requirements: See Special Install Instructions Solaris Release: 7_x86 SunOS Release: 5.7_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 107684 Topic: SunOS 5.7_x86: sendmail patch Relevant Architectures: i386 BugId's fixed with this patch: 1119353 1254405 4086468 4214238 4293176 4304080 4317819 4329124 4329128 4329131 4332599 4344081 4344537 4357054 4361623 4368934 4374955 4384437 4388375 4402056 4419745 4419827 4462997 4487115 4493726 4651929 4655363 4756570 4809539 4835344 4839862 4925761 4954379 Changes incorporated in this version: 4954379 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /etc/inet/services /etc/init.d/sendmail /etc/mail/helpfile /etc/mail/local-host-names /etc/mail/main.cf /etc/mail/sendmail.cf /etc/mail/sendmail.hf /etc/mail/subsidiary.cf /etc/mail/trusted-users /etc/rc0.d/K36sendmail /etc/rc1.d/K36sendmail /etc/rc2.d/S88sendmail /etc/rcS.d/K36sendmail /usr/bin/aliasadm /usr/bin/mailcompat /usr/bin/mailstats /usr/bin/praliases /usr/bin/vacation /usr/lib/mail.local /usr/lib/mail/README /usr/lib/mail/cf/Makefile /usr/lib/mail/cf/main-v7sun.cf /usr/lib/mail/cf/main-v7sun.mc /usr/lib/mail/cf/subsidiary-v7sun.cf /usr/lib/mail/cf/subsidiary-v7sun.mc /usr/lib/mail/domain/generic.m4 /usr/lib/mail/domain/solaris-antispam.m4 /usr/lib/mail/domain/solaris-generic.m4 /usr/lib/mail/feature/access_db.m4 /usr/lib/mail/feature/bestmx_is_local.m4 /usr/lib/mail/feature/bitdomain.m4 /usr/lib/mail/feature/blacklist_recipients.m4 /usr/lib/mail/feature/delay_checks.m4 /usr/lib/mail/feature/dnsbl.m4 /usr/lib/mail/feature/domaintable.m4 /usr/lib/mail/feature/generics_entire_domain.m4 /usr/lib/mail/feature/genericstable.m4 /usr/lib/mail/feature/ldap_routing.m4 /usr/lib/mail/feature/local_lmtp.m4 /usr/lib/mail/feature/mailertable.m4 /usr/lib/mail/feature/no_default_msa.m4 /usr/lib/mail/feature/nocanonify.m4 /usr/lib/mail/feature/nodns.m4 /usr/lib/mail/feature/nouucp.m4 /usr/lib/mail/feature/nullclient.m4 /usr/lib/mail/feature/rbl.m4 /usr/lib/mail/feature/redirect.m4 /usr/lib/mail/feature/relay_based_on_MX.m4 /usr/lib/mail/feature/relay_mail_from.m4 /usr/lib/mail/feature/remote_mode.m4 /usr/lib/mail/feature/smrsh.m4 /usr/lib/mail/feature/sun_reverse_alias_files.m4 /usr/lib/mail/feature/sun_reverse_alias_nis.m4 /usr/lib/mail/feature/sun_reverse_alias_nisplus.m4 /usr/lib/mail/feature/uucpdomain.m4 /usr/lib/mail/feature/virtuser_entire_domain.m4 /usr/lib/mail/feature/virtusertable.m4 /usr/lib/mail/m4/cfhead.m4 /usr/lib/mail/m4/nullrelay.m4 (deleted file) /usr/lib/mail/m4/proto.m4 /usr/lib/mail/m4/version.m4 /usr/lib/mail/mailer/local.m4 /usr/lib/mail/mailer/smtp.m4 /usr/lib/mail/mailer/uucp.m4 /usr/lib/mail/ostype/solaris2.m4 /usr/lib/mail/ostype/solaris2.ml.m4 /usr/lib/mail/ostype/solaris2.pre5.m4 /usr/lib/mail/sh/check-hostname /usr/lib/mail/sh/check-permissions /usr/lib/mail/sh/makeinfo.sh /usr/lib/sendmail /usr/lib/smrsh /usr/sbin/makemap Problem Description: 4954379 Sendmail contains buffer overflow in ruleset parsing (from 107685-10) 4925761 sendmail's prescan() routine contains a buffer underflow (from 107685-09) 4839862 upgrade sendmail to 8.11.7 4835344 address parsing issue (from 107685-08) This revision is to correct a Class Action Script problem. No new bugs fixed with this revision. (from 107685-07) 4809539 header parsing issue (from 107685-06) 4756570 sendmail doesn't handle some .forward constructs correctly (from 107685-05) 4655363 sendmail breaks old cf files in v1 mode after latest patches 4651929 sendmail loses data decoding quoted-printable MIME body parts > 2K (from 107685-04) 4493726 upgrade sendmail to 8.11.6 4487115 upgrade sendmail to 8.11.5 4368934 default sendmail config could be more robust against boot-time DNS failure - This bug was re-worked (from 107685-03) 4462997 upgrade sendmail to 8.11.4 4384437 mail.local & sendmail hang on msg w/2047-char line where last char is "." 4388375 sendmail Makefiles could stand some clean-up 4361623 upgrade sendmail to 8.11.0 4374955 upgrade sendmail to 8.11.1 4402056 upgrade sendmail to 8.11.2 4419745 upgrade sendmail to 8.11.3 4419827 "praliases key" fails on dbm format maps 4344537 default From: header generated by vacation(1) is misleading 4368934 default sendmail config could be more robust against boot-time DNS failure 4293176 need /etc/inet/services class action script (e.g., i.services) (from 107685-02) 4329124 upgrade sendmail to 8.10.0 4304080 check-hostname(1m) should not assume org_dir in search path 4317819 Sendmail cores in test mode if RHS of rewrite rule is NULL 4086468 mail.local: authdes_refresh: keyserv(1m) is unable to encrypt session key 1119353 sendmail after su to a down host doesn't create /dead.letter 1254405 mail gets delayed on a lightly loaded MP system 4329128 upgrade sendmail to 8.10.1 4329131 upgrade Berkeley DB to 2.7.7 4332599 modify sendmail Makefiles so SOLARIS release value is kept in 1 place, not 4 4344081 upgrade sendmail to 8.10.2 4357054 check-permissions(1m) script missing a couple of closing single quotes (from 107685-01) 4214238 Issue with header size and accept() call Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- Note: It is necessary to restart sendmail after the patch installation in order to be running with the latest version of sendmail included in this patch. Execute the following commands as root: # /etc/init.d/sendmail stop # /etc/init.d/sendmail start If you have not modified the /etc/mail/sendmail.cf file then the patch installation will overwrite this file with the new version. If you no longer wish to use the default configuration then refer to the /usr/lib/mail/README file on how to customize this file. README -- Last modified date: Wednesday, April 28, 2004