mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-22 04:17:44 +00:00
49f9275414
v2.108 Released May 07, 2001 17:10 (PST) - try to avoid deadlock in LogBounces() by setting a timeout on the OpenDB() call - add config parameter "umask" [suggested by gshapiro@gshapiro.net] - don't set Reply-To: header in NewPending() [suggested by gshapiro@gshapiro.net] - "mailqueue" is now restricted by the "memberlist" command [suggested by gshapiro@gshapiro.net] - make use of the "domain" setting on preselected lists using the mail interface [requested by gshapiro@gshapiro.net] - trim spaces off of possible signature terminators in IdentifyMessage() [suggested by gshapiro@gshapiro.net] - LIBMSK: reimplement Absolute() The following resulted from a code audit by Greg Shapiro of Sendmail, Inc. <gshapiro@gshapiro.net>, whose help is greatly appreciated: - SECURITY: shed privileges when -C is used on the command line - SECURITY: add a popen() wrapper to shed privileges when the command being executed isn't sendmail - SECURITY: bounce requests or mail referring to addresses containing bogus characters, to prevent remote attacks - SECURITY: add some boundary checking in a few places I'd missed - SECURITY: be paranoid and call sendmail with "--" before arguments provided remotely to prevent remote attacks - SECURITY: verify access permissions with lm_access() to prevent unauthorized file giveaways and overwrites - SECURITY: be pedantic about list names to prevent nasty operations - SECURITY: add and begin using lm_safefopen()
6 lines
325 B
Plaintext
6 lines
325 B
Plaintext
MD5 (listmanager/listmanager.freebsd35) = c11a9860de2fd8393c708b3aecaf0df0
|
|
MD5 (listmanager/INSTALL) = daab4be48e990a66b58e09fece5bb993
|
|
MD5 (listmanager/help.tar.gz) = 55473e6dd480392fa783874723627fcc
|
|
MD5 (listmanager/listmanager.8) = d321176b26b8ddb2a539a69a7bf640a7
|
|
MD5 (listmanager/ack) = 9c35b02b889c69278f7cac1c6b22bab3
|