2008
sendmail (8.14.3-5) unstable; urgency=high
* Sendmail uses the same filemode for pid/hoststat/dead.letter/etc
files :( To prevent world readable dead.letter files, we have to
restrict other data as well (like hoststat/mailq) Closes: #481347
* Remove confNO_RCPT_ACTION for better spam detection Closes: #490776
* Several changes thanks to Joe Maimon
+ Update sample access db to not block Connect:0, as it
has the unintended side effect of killing sendmail -bs -Am :(
+ add autoconf AC_PROG_MKDIR_P
+ rewrite SM_RESULTS_IFELSE autoconf macro with AC_RUN_IFELSE
why didn't I think of that, but still, it was an experience :)
* Improve the sendmail.conf comment, and parsing of timespecs
when creating crontabs (also randomize start times)
Thanks to Michael J. Micek
* Improve the sendmail.conf commentary for QUEUE_INTERVAL
to note how to create persistent queue-runners (p120m)
Thanks to Michael J. Micek
* Milter changes for increased performance
+ Enable poll (vs select)
+ Enable _FFR_WORKERS_POOL
* Init script touch-ups
+ Make init script depend on $syslog
+ Remove 0 and 6 from Default-Stop in init script
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 15 Jul 2008 22:25:00 -0000
sendmail (8.14.3-4) unstable; urgency=low
* Redo the Perl 5.10 fix so that it sticks this time
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 19 May 2008 15:20:00 -0000
sendmail (8.14.3-3) unstable; urgency=low
* wtf?!? how did libdb2-dev windup there... Closes: #481733
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 18 May 2008 22:51:00 -0000
sendmail (8.14.3-2) unstable; urgency=low
* Fix perl 5.10 incompatible expression (works on 5.8 and 5.10)
2 lines in /usr/share/sendmail/Parse_conf.pm
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 17 May 2008 22:47:00 -0000
sendmail (8.14.3-1) unstable; urgency=low
* New upstream release
* refit patches
* libmilter moves from 1 (1.0.0) to 1.0.1
*** MILTER Packages should be to new scheme ASAP ***
If you are upstream, or deal well with them, please note
that patch-level updates (last digits) are not supposed to
break the ABI - and milters should use the 1st two digits
> Should not they be testing SM_LM_VRS_MAJOR(SMFI_VERSION) &
> SM_LM_VRS_MINOR(SMFI_VERSION) - and thereby assuming that
> simple patch-level updates don't break compatability ?
Yes. That's the basic idea behind the numbering. Hmm, I guess I
should update the documentation and the example program.
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 04 May 2008 05:16:00 -0000
sendmail (8.14.3-0) private; urgency=low
* New upstream release * refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 04 May 2008 04:27:00 -0000
sendmail (8.14.3.Gamma0-0) private; urgency=low
* New upstream Gamma * refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Thu, 17 Apr 2008 05:18:00 -0000
sendmail (8.14.3.Beta1-0) private; urgency=low
* New upstream Beta * refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 06 Apr 2008 16:57:00 -0000
sendmail (8.14.3.Beta0-0) private; urgency=low
* New upstream Beta * refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Wed, 05 Mar 2008 05:39:00 -0000
sendmail (8.14.2-5) unstable; urgency=low
* Determine libmilter library level dynamically - using the upstream
notation of <version-major>.<version-minor>.<patch-level>
This way, I don't need to remember to bump .so levels by hand, as
upstream is pretty good about incompatabilites - and the package
name directly corresponds with what a milter developer/builder
needs to know (instead of libmilter2 == 1.0.1) - though the sendmail
version also gives that information.
This does affect the milter packages, who currently link against
libmilter1, as the new name is libmilter1.0.0 (the -dev package
keeps is name; libmilter-dev).
NOTE: things will continue work until milters are rebuilt - as
the old library package still works.
With this change, when 8.14.3 is shipped, it will automatically
create libmilter1.0.1 (a bump in the patch level).
I thought about adding a compat symlink, but the milters don't seem
to be written in a way that makes that possible - they apparently are
checking exact values of SMFI_VERSION, instead of
SM_LM_VRS_MAJOR(SMFI_VERSION) & SM_LM_VRS_MINOR(SMFI_VERSION)
and so don't work with the newer 1.0.1 level anyway (trust me) :(
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 21 Apr 2008 18:04:00 -0000
sendmail (8.14.2-4) unstable; urgency=low
* remove bad brackets from example access IPv6 Closes: #471086 * remove echo -e Closes: #472240 * adjust for cdbs patch target change Closes: #474917 * Fix LSB init header. Use $remote_fs instead of $local_fs as the daemon requires /usr to be mounted. * Actually skip work in dynamic if the mode is 'Static' * Don't purgestat on ifdown (just slows things down needlessly), and is only relevant on ifup * background sendmail restart on ifup/ifdown to not hang interactivity * remove --linda from debuild options
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 03 Apr 2008 15:55:00 -0000
2007
sendmail (8.14.2-3) unstable; urgency=low
* Correct the setup of Submission (587) and local injection
+ sendmail.mc adds M=Ea to submission port
+ submit.mc changed to use port 25
otherwise local mail injection fails (thanks to Ian Corbett)
If you have already installed sendmail, and are having issues
with AUTH required and local mail injection, check your .mc files
against /usr/share/doc/sendmail/examples/cf/debian/*.mc
* pedantry bug (proof that two heads are better than one) -
misspelling in logrotate.conf
* Cleanup better on purge of sendmail-base Closes: #454685
* FTBFS on non-linux arch Closes: #459610
control.m4.in
* Generate TLS DH/DS parameters Closes: #461802
This only affects new installs or certificate recreation
update_tls, update_tlsm4, starttls.m4, Parse_mc.pm
* Build using newer LDAP and DB2
* Define LDAP_DEPRECATED Closes: #463371
configure.ac
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 07 Dec 2007 20:15:00 -0000
sendmail (8.14.2-2) unstable; urgency=low
* When creating /etc/sasldb2; use proper group (sasl)
* Remove nested quotes in {sendmail,submit}.mc closes: #451346
* Correct watch file entry for .sig file (avoid spurrious download)
* Remove suggests of no longer extant cyrus packages
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 23 Nov 2007 22:02:00 -0000
sendmail (8.14.2-1) unstable; urgency=low
* New Upstream release
+ SASL 2.1.22 change sasl_decode64() requires MTA handle "="
closes: #443319
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 02 Nov 2007 22:14:00 -0000
sendmail (8.14.2-0) private; urgency=low
* Upstream release * Refit patches * Run for a bit
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 02 Nov 2007 03:00:00 -0000
sendmail (8.14.2.Beta0-0) private; urgency=low
* Upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 23 Oct 2007 05:50:00 -0000
sendmail (8.14.2.Beta0-0) private; urgency=low
* Upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 15 Oct 2007 16:20:00 -0000
sendmail (8.14.1-12) unstable; urgency=low
* Correct "poor man's" emphasis closes: #448033 (Yes, Ubuntu does feed stuff back)
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 29 Oct 2007 22:46:00 -0000
sendmail (8.14.1-11) unstable; urgency=low
* /etc/init.d/sendmail will now rebuild databases on
start/reload/restart (like Redhat derived, various BSDs, etc)
* Finally nailed (fingers crossed) the elusive cause of
;; connection timed out; no servers could be reached
There are still issues on what state to leave things in, but
at least the file will be turned into garbage closes: #375787
+ sendmail.conf::DAEMON_NETMODE now defaults to Static
+ /etc/{ppp,dhcp3,network,resolvconf}/*/sendmail pass an additional option
+ /usr/share/sendmail/dynamic is much more careful
* ARM is broken, disable -fstack-protector-all closes: #446415
* add FEATURE(use_cw_file) to default sendmail.mc closes: #433216
* remove /usr/share/bug/sendmail-doc -> sendmail closes: #387799
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 20 Oct 2007 23:35:30 -0000
sendmail (8.14.1-10) unstable; urgency=low
* Do not blindly accept client certificates by default
thanks to Jeffrey Honig (from #sendmail@freenode)
NOTE: this only affects new installations - if you've already installed
sendmail, you and haven't changed the default; you should !
/etc/mail/tls/starttls.m4
* Set confRRT_IMPLIES_DSN to upstream default of False
* Enable pool() for libmilter closes: #445307
This should help high performance/load situations where select() just
doesn't scale well
-- Richard A Nelson (Rick) <cowboy@debian.org> Thu, 04 Oct 2007 22:40:00 -0000
sendmail (8.14.1-9) unstable; urgency=low
* Finally drop MAILER(cyrus21) in favour of cyrusv2 * Egads, a rules typo dropped all local patches :( closes: #436185 * upgrade to db4.6 (and newer libdb-dev)
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 13 Aug 2007 20:52:22 -0000
sendmail (8.14.1-8) unstable; urgency=low
* remove dependancy on update-inetd and netbase/inet-superserver
+ Default install uses daemon mode (no need for inetd)
+ update-inetd call predicated upon it existance
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 28 Jul 2007 01:17:00 -0000
sendmail (8.14.1-7) unstable; urgency=low
* buildd's do not honour Build-Depends-Indep:, so replicate that
information on the Build-Depends line to solve FTBFS Closes: #430405
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 29 May 2007 02:21:00 -0000
sendmail (8.14.1-6) unstable; urgency=low
* The `ironclad or die` release, using newer gcc/binutils
features to further reduce the exploit footprint of an
application. Thanks to Marc-Christian Petersen
Read more about all that good stuff at:
http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml#RELRO
* Create an ELF "PT_GNU_RELRO" segment header in the object.
Or in other words: built with "-z relro"
* When generating an executable or shared library, mark it to tell
the dynamic linker to resolve all symbols when the program is
started, or when the shared library is linked to using dlopen,
instead of deferring function call resolution to the point when
the function is first called.
Or in other words: built with "-z now"
* Emit extra code to check for buffer overflows, such as stack
smashing attacks. This is done by adding a guard variable to
functions with vulnerable objects. This includes functions
that call alloca, and functions with buffers larger than 8
bytes. The guards are initialized when a function is entered
and then checked when the function exits. If a guard check
fails, an error message is printed and the program exits.
Or in other words: built with "-fstack-protector-all"
* Compiled as PIE (Position Independant Executable)
This assists PAX enabled kernels, with ASLR, and is also needed
for GRSecurity. Even with stock kernels, this makes the memory
mapping less static, hindering attacks.
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 29 May 2007 02:21:00 -0000
sendmail (8.14.1-5) private; urgency=low
* DH_COMPAT = 5
* Tweak LSB setup of /etc/init.d/sendmail such that stop/start
when DAEMON_MODE=None is not an error
* Clean up rules file abit, more to go (I love deleting suff)
+ drop sm_conf/sm_conf_opt from debian/rules
+ drop old private copy of dbs and use cdbs (not cleanly)
+ drop support of older sendmail versions (8.8.8+)
+ drop support for building on older debian versions (slink+)
+ drop split debian directory kluge
+ drop smX support - it requires a complete revamp
* Things are still complicated by upstream not using autoconf/makefile
builds, but I have used them in support - much of that work remains and
will not be removed in the near term
* Add alternative build-depend for linux-libc-dev (which will depcrecate
linux-kernel-headers)
-- Richard A Nelson (Rick) <cowboy@debian.org> Wed, 23 May 2007 05:00:00 -0000
sendmail (8.14.1-4) unstable; urgency=low
* Fix occasional mailq failures caused by set -e and lsb scripts :(
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 22 May 2007 23:00:00 -0000
sendmail (8.14.1-3) unstable; urgency=low
* Add missing build-depends for linux-kernel-headers
Thanks Marc-Christian Petersen
* LSB init scripts
Thanks Marc-Christian Petersen
* Finally, make rmail a suggestion, not a dependancy
and remove conflicts with old versions closes: #376113
* Suffix _mta to start/stop/configure for ksh closes: #424213
-- Richard A Nelson (Rick) <cowboy@debian.org> Thu, 19 May 2007 20:14:00 -0000
sendmail (8.14.1-2) unstable; urgency=high
* Rebuild against a fixed libd4.5 closes: #423153
-- Richard A Nelson (Rick) <cowboy@debian.org> Thu, 10 May 2007 21:30:00 -0000
sendmail (8.14.1-1) unstable; urgency=low
* *** *** libmilter gets a new version *** ***
*** *** MimeDefang and other packages will need to be rebuilt *** ***
* New upstream release
- Fix 8.14.0 regressions & issues
* Refit patches
* Drop qtool patch, equivalent applied upstream
* Force configure defaults (new machine, gotta get it right)
* update configure.ac for newer db versions
* refresh FAQ
* build against db4.5 closes: #421945
* build-indep-depends on groff, not groff-base closes: #362872
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 05 May 2007 20:10:00 -0000
sendmail (8.14.1-0) private; urgency=low
* New upstream release
- Fix 8.14.0 regressions & issues
* Refit patches
* Drop qtool patch, equivalent applied upstream
* Force configure defaults (new machine, gotta get it right)
* update configure.ac for newer db versions
* refresh FAQ
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 04 Apr 2007 04:00:00 -0000
sendmail (8.14.1.Gamma0-0) private; urgency=low
* New upstream Gamma * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 30 Mar 2007 04:40:00 -0000
sendmail (8.14.1.Beta2-0) private; urgency=low
* New upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 24 Mar 2007 04:30:00 -0000
sendmail (8.14.1.Beta1-0) private; urgency=low
* New upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 09 Mar 2007 17:00:00 -0000
sendmail (8.14.1.Beta0-0) private; urgency=low
* New upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Mon, 05 Mar 2007 05:40:00 -0000
sendmail (8.14.0-0) private; urgency=low
* New upstream Release
- Headers 8bit clean
- Milter enhancements
* Refit patches
* Some issues, so this will not be uploaded - errata of (2007/02/06) help
-- Richard A Nelson (Rick) <cowboy@debian.org> Thu, 01 Feb 2007 16:20:00 -0000
sendmail (8.14.0.Gamma0-0) private; urgency=low
* New upstream Release * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Wed, 31 Jan 2007 20:50:00 -0000
sendmail (8.14.0.Beta5-1) experimental; urgency=low
* New upstream Beta
* Refit patches
* Major item
+ Welcome back space betwixt 'from:' and '<other stuff>'
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 09 Jan 2007 21:40:00 -0000
sendmail (8.14.0.Beta4-1) experimental; urgency=low
* Sigh... built here, but not build machines closes: #405917 * change from ~ to . to appease build scripts and match upstream * drop my check_helo patch, needs rework * Upstream incorporated patch for greet_pause closes: #312164
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 07 Jan 2007 22:50:00 -0000
sendmail (8.14.0~Beta4-1) experimental; urgency=low
* Release to experimental
* New upstream Beta
* Refit patches
* Major new feature:
+ headers are 8 bit "transparent".
+ the milter API has been extended.
* New/improved anti-SPAM features:
+ no false-postives on greet_pause failures due to timeouts/rejections
+ new option MaxNOOPCommands
+ detection of open HTTP proxies (GET, POST, CONNECT, or USER)
+ FEATURE(`require_rdns')
+ FEATURE(`block_bad_helo')
+ FEATURE(`badmx')
+ option `relaytofulladdress' for FEATURE(`access_db')
* Upstream incorporated patch for greet_pause closes: #312164
-- Richard A Nelson (Rick) <cowboy@debian.org> Fri, 05 Jan 2007 19:07:46 -0000
2006
sendmail (8.14.0~Beta4-0) private; urgency=low
* New upstream Beta * Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 25 Dec 2006 04:30:00 -0000
sendmail (8.14.0~Beta3-0) private; urgency=low
* New upstream Beta
* Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Tue, 19 Dec 2006 00:10:00 -0000
sendmail (8.14.0~Beta2-0) private; urgency=low
* New upstream Beta
* Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sat, 09 Dec 2006 18:40:00 -0000
sendmail (8.14.0~Beta1-0) private; urgency=low
* New upstream Beta
* Refit patches
-- Richard A Nelson (Rick) <cowboy@debian.org> Sun, 19 Nov 2006 17:50:00 -0000
sendmail (8.14.0~Beta0-0) private; urgency=low
* New upstream Beta
* Support 8.14 in build tools
* Refit patches
* Update FFRs
-- Richard A Nelson (Rick) <cowboy@debian.org> Wed, 01 Nov 2006 02:30:00 -0000