Bugtraq mailing list archives
Sendmail 8.6.10: what's different?
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Thu, 23 Feb 1995 07:58:00 -0500
I diffed 8.6.10 against what I was previously running (8.6.8). Significant changes from bugtraq's point of view are mostly being more paranoid about believing strings coming from possibly-untrustworthy sources. Here's the list:

- Truncate df files when collecting, as mentioned in the RELEASE_NOTES.
- When processing ident info, call cleanstrcpy() to strip trash from the returned username.
- The -B command-line flag argument is checked; it must be 7bit or 8bitmime. (8.6.8 blindly believed whatever was handed to it.)
- The -f command-line flag strips newlines from its argument.
- The -p command-line flag is a bit more paranoid about what's passed to it; the argument is now length-limited and cleanstrcpy()ed.
- FullName (taken from $NAME, or -F command-line flag) is now checked for newlines.
- map.c has lots of changes I don't understand; most of them probably are not relevant, but some may be.
- When creating a queue file, delete newlines from several things: specifically, the M, $r, $s, $_, S, E, R, and C lines.
- A macro definition will have its argument cleanstrcpy()ed if the source of the string is not safe (eg, command-line).
- In sendtolist(), newlines are stripped from something - the list of addresses, I think, but I could be wrong.
- When generating a failure letter, the Subject: header is length-limited, apparently to avoid a buffer overflow.
- When generating the initial 220 greeting for SMTP, newlines are checked for and the message truncated at the first one if found.

cleanstrcpy(), referred to several times above, is like strcpy, but it strips newlines and copies only a restricted set of characters: letters, digits, and !#$%&'*+-./^_`{|}~ - why that set was chosen, there's no indication.

In the above, "strips newlines" actually means replacing them with spaces, not deleting them entirely. (If a newline is found, sendmail tries to log a warning.)

der Mouse
mouse () collatz mcrcim mcgill edu