Sendmail 8.13.4

Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.13.4. It fixes several bugs and omissions and adds some additional checks to deal with situations that should not occur.

For a full list of changes see the release notes down below.

Please send bug reports to sendmail-bugs@sendmail.org and general feedback to sendmail@sendmail.org. Please send security reports to sendmail-security@sendmail.org using PGP encryption.

The version can be found at

ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.4.tar.gz
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.4.tar.gz.sig
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.4.tar.Z
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.4.tar.Z.sig

or on a mirror near to you.

You either need the first two files or the third and fourth, i.e., the gzip'ed version or the compressed version and the corresponding sig file. The PGP signature was created using the Sendmail Signing Key/2005, available on the web site (http://www.sendmail.org/) or on the public key servers.

MD5 signatures: 

e6015f9df4a71a8473729548db1b813c sendmail.8.13.4.tar.Z
f6fdba9feb9e3d96f5fa1a38642c4260 sendmail.8.13.4.tar.Z.sig
61e336750b48b01abaa69b4d7c9473b5 sendmail.8.13.4.tar.gz
0e80f7923c5ef86700dd6c7f8b931267 sendmail.8.13.4.tar.gz.sig

Since sendmail 8.11 and later includes hooks to cryptography, the following information from OpenSSL applies to sendmail as well.

PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY. 

			SENDMAIL RELEASE NOTES
      $Id: RELEASE_NOTES,v 8.1730 2005/03/28 00:31:23 gshapiro Exp $

This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. 

8.13.4/8.13.4	2005/03/27
	The bug fixes in 8.13.3 for connection handling uncovered a
		different error which could result in connections that
		stay in CLOSE_WAIT state due to a variable that was not
		properly initialized.  Problem noted by Michael Sims.
	Deal with empty hostnames in hostsignature().  This bug could lead
		to an endless loop when doing LMTP deliveries to another
		host.  Problem first reported by Martin Lathoud and
		tracked down by Gael Roualland.
	Make sure return parameters are initialized in getmxrr().  Problem
		found by Gael Roualland using valgrind.
	If shared memory is used and the RunAsUser option is set, then the
		owner and group of the shared memory segment is set to 
		the ids specified RunAsUser and the access mode is set
		to 0660 to allow for updates by sendmail processes.
	The number of queue entries that is (optionally) kept in shared
		memory was wrong in some cases, e.g., envelope splitting
		and bounce generation.
	Undo a change made in 8.13.0 to silently truncate long strings
		in address rewriting because the message can be triggered
		for header checks where long strings are legitimate.
		Problem reported by Mary Verge DeSisto, and tracked
		down with the help of John Beck of Sun Microsystems.
	The internal stab map did not obey the -m flag.  Patch from
		Rob McMahon of Warwick University, England.
	The socket map did not obey the -f flag.  Problem noted by
		Dan Ringdahl, forwarded by Andrzej Filip.
	The addition of LDAP recursion in 8.13.0 broke enforcement of
		the LDAP map -1 argument which tells the MTA to only
		return success if and only if a single LDAP match is found.
	Add additional error checks in the MTA for milter communication
		to avoid a possible segmentation fault.  Based on patch
		by Joe Maimon.
	Do not trigger an assertion if X509_digest() returns success but
		does not assign a value to its output parameter.  Based
		on patch by Brian Kantor.
	Add more checks when resetting internal AUTH data (applies only
		to Cyrus SASL version 2).  Otherwise an SMTP session might
		be dropped after an AUTH failure.
	Portability:
		Add LA_LONGLONG as valid LA_TYPE type for systems that use
			"long long" to read load average data, e.g.,
			AIX 5.1 in 32 bit mode.  Note: this has to be set
			"by hand", it is not (yet) automatically detected.
			Problem noted by Burak Bilen.
		Use socklen_t for accept(), etc. on AIX 5.x.  This should
			fix problems when compiling in 64 bit mode.
			Problem first reported by Harry Meiert of
			University of Bremen.
	New Files:
		include/sm/sem.h
		libsm/sem.c
		libsm/t-sem.c