Debian Patches
Status for sendmail/8.15.2-22+deb11u3
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0024-CVE-2023-51765.patch | CVE-2023-51765 sendmail allowed SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features. |
=?utf-8?q?Bastien_Roucari=C3=A8s?= <rouca@debian.org> | no | 2024-02-15 | ||
| connect-from-null.patch | fix NOQUEUE: connect from (null) | Claus Assmann <sendmail-bugs-2017@support.sendmail.org> | no | |||
| control_c | Make control socket mode 0660 | no | ||||
| cyrusv2.m4.debian | no | |||||
| drac | no | |||||
| fhs.patch | adjust some paths in the documentation according to fhs-compliant choices in Debian | Andreas Beckmann <anbe@debian.org> | no | |||
| fix_linkage | no | |||||
| format-security.patch | fix FTBFS with -Werror=format-security If a message string from an (untrusted) external source may start with a smtp status code ("123 4.5.6 Foobar"), we cannot sanitize this via ("%s", string) since the status code is expected as part of the format string. Therefore verify that the message string contains no formatting codes before passing it as the format string. Add a dummy argument to suppress the "format not a string literal and no format arguments" error in this case. |
Andreas Beckmann <anbe@debian.org> | no | |||
| glibc-2.30.patch | The former deprecated macro RES_USE_INET6 is gone with glibc 2.30 | no | ||||
| hard-code-lockf.patch | diff -urNap sendmail-8.14.4.orig/mail.local/mail.local.c sendmail-8.14.4/mail.local/mail.local.c | no | ||||
| hurd.patch | fix building for HURD | Samuel Thibault <sthibault@debian.org> | no | |||
| hyphenation.patch | fix hyphen-used-as-minus-sign | Andreas Beckmann <anbe@debian.org> | no | |||
| install_static_libs.patch | make the static libraries installable via the sendmail build system | no | ||||
| kerberos | # Attempt to support Kerberos #### Patch data follows #### |
no | ||||
| kfreebsd | diff -Nurd ./devtools/bin/Build ./devtools/bin/Build | no | ||||
| local_procmail | Remove -Y from procmail arguments | no | ||||
| lock-mail-local.diff | Fix order of fcntl and dotlock in mail.local | Tim Marston <tim@ed.am> | no | debian | ||
| log-stop-at-debug-level.patch | Log mi_stop flag at debug level when closing socket | David Bürgin <dbuergin@gluet.ch> | no | |||
| mailer_cyrus | no | |||||
| mailer_fax | /usr/bin/faxmail, !/usr/local/bin/faxmail | no | ||||
| manpage-section.patch | move newaliases to man section 8 | Andreas Beckmann <anbe@debian.org> | no | |||
| maxseq | no | |||||
| openssl-1.1.0.patch | [PATCH] sendmail: compile against openssl 1.1.0 | Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | no | 2016-09-10 | ||
| raise-max-daemons.patch | hard-coded "10" is not enough to listen on both IPv4 and IPv6 with a minimal configuration of MTA, MSA, and MSASSL on both localhost and primary interface (12 daemons). Raise limit to 64. |
Kees Cook <kees@debian.org> | no | |||
| reject_nul.patch | add configurable 'O RejectNUL' to *.cf | Andreas Beckmann <anbe@debian.org> | no | 2024-06-17 | ||
| rmail.odi | Change sendmail call -obq to -obi | no | ||||
| shared_libmilter.patch | support building a shared libmilter | Andreas Beckmann <anbe@debian.org> | no | |||
| socket_activation.patch | systemd-like socket activation support for libmilterdiff --git a/libmilter/docs/smfi_setconn.html b/libmilter/docs/smfi_setconn.html index 70a510e..013f04e 100644 |
Mikhail Gusarov <dottedmag@debian.org | no | |||
| typos.patch | fix typos | Andreas Beckmann <anbe@debian.org> | no |
Showing 1 to 29 of 29 entries
All known versions for source package 'sendmail'
- 8.18.1-6 (sid, trixie)
- 8.18.1-6~bpo12+1 (bookworm-backports)
- 8.17.1.9-2+deb12u2 (bookworm)
- 8.15.2-22+deb11u3 (bullseye)