Patch-ID# 103595-19 Keywords: security sendmail V8 HP openmail BIND 4.9.3 libresolv.so.2 web Synopsis: SunOS 5.5.1_x86: sendmail fixes Date: Jun/15/99 Solaris Release: 2.5.1_x86 SunOS Release: 5.5.1_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 103594 Xref: This patch available for PPC as patch 103596 Topic: SunOS 5.5.1_x86: sendmail fixes NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. BugId's fixed with this patch: 1241168 1241841 1242930 1244027 1245185 1246623 1247867 1249090 1249900 1252530 1252675 1253584 1258420 1261561 1265017 1265313 1267313 4011634 4015151 4017798 4018487 4018511 4022409 4027534 4028707 4030794 4034927 4035001 4037078 4069756 4072035 4086447 4087808 4132274 4167931 4167953 4171646 4175384 4204832 4214268 4215670 Changes incorporated in this version: 4215670 Relevant Architectures: i386 Patches accumulated and obsoleted by this patch: 105521-01 Patches which conflict with this patch: Patches required with this patch: 103664-01 (or newer) Obsoleted by: Files included with this patch: /etc/init.d/sendmail /etc/mail/main.cf /etc/mail/sendmail.cf /etc/mail/sendmail.hf /etc/mail/subsidiary.cf /etc/rc0.d/K57sendmail /etc/rc1.d/K57sendmail /etc/rc2.d/S88sendmail /usr/bin/aliasadm /usr/bin/mailcompat /usr/bin/mailstats /usr/bin/mconnect /usr/bin/vacation /usr/lib/mail/README /usr/lib/mail/cf/main-v7sun.cf /usr/lib/mail/cf/main-v7sun.mc /usr/lib/mail/cf/subsidiary-v7sun.cf /usr/lib/mail/cf/subsidiary-v7sun.mc /usr/lib/mail/domain/generic.m4 /usr/lib/mail/domain/solaris-generic.m4 /usr/lib/mail/feature/allmasquerade.m4 /usr/lib/mail/feature/always_add_domain.m4 /usr/lib/mail/feature/bestmx_is_local.m4 /usr/lib/mail/feature/bitdomain.m4 /usr/lib/mail/feature/domaintable.m4 /usr/lib/mail/feature/generics_entire_domain.m4 /usr/lib/mail/feature/genericstable.m4 /usr/lib/mail/feature/limited_masquerade.m4 /usr/lib/mail/feature/mailertable.m4 /usr/lib/mail/feature/masquerade_entire_domain.m4 /usr/lib/mail/feature/masquerade_envelope.m4 /usr/lib/mail/feature/nocanonify.m4 /usr/lib/mail/feature/nodns.m4 /usr/lib/mail/feature/notsticky.m4 /usr/lib/mail/feature/nouucp.m4 /usr/lib/mail/feature/nullclient.m4 /usr/lib/mail/feature/redirect.m4 /usr/lib/mail/feature/remote_mode.m4 /usr/lib/mail/feature/smrsh.m4 /usr/lib/mail/feature/stickyhost.m4 /usr/lib/mail/feature/sun_reverse_alias_files.m4 /usr/lib/mail/feature/sun_reverse_alias_nis.m4 /usr/lib/mail/feature/sun_reverse_alias_nisplus.m4 /usr/lib/mail/feature/use_ct_file.m4 /usr/lib/mail/feature/use_cw_file.m4 /usr/lib/mail/feature/uucpdomain.m4 /usr/lib/mail/feature/virtusertable.m4 /usr/lib/mail/m4/cf.m4 /usr/lib/mail/m4/cfhead.m4 /usr/lib/mail/m4/nullrelay.m4 /usr/lib/mail/m4/proto.m4 /usr/lib/mail/m4/version.m4 /usr/lib/mail/mailer/local.m4 /usr/lib/mail/mailer/smtp.m4 /usr/lib/mail/mailer/uucp.m4 /usr/lib/mail/ostype/solaris2.m4 /usr/lib/mail/ostype/solaris2.ml.m4 /usr/lib/mail/sh/makeinfo.sh /usr/lib/mail.local /usr/lib/sendmail /usr/sbin/makemap Problem Description: 4215670 sendmail dumps core when converting multipart MIME message from 8bit to 7bit (from 103595-18) 4214268 upgrade sendmail 8.8.8+sun patch (2.5.1/2.6) with DontProbeInterfaces option (from 103595-17) 4167931 sendmail back/compat: off-by-one error in ${Xfoo$} look-ups 4167953 sendmail back/compat: new ${longmacro} syntax breaks old ${Xfoo$} look-ups 4171646 sendmail's old I option is deprecated; use dns on hosts line in nsswitch instead 4175384 host name can be qualified using NIS domain even if NIS not set in nsswitch.conf 4204832 sendmail occasionally incorrectly returns ECONNABORTED (from 103595-16) 4086447 Current bundled Sendmail is not secure against SPAM or mail Bombs (from 103595-15) 4132274 security user can cause sendmail to core at will with formatted addr (from 103595-14) 4087808 Security bug: /usr/lib/mail.local -d affects ownership of /var/mail/user (from 103595-13) 1247867 mail.local strips long from address 1246623 mail.local porting introduced security problem (from 103595-12) 4069756 "cannot bind to NIS domain" should not be a fatal error (from 103595-11) 4034927 sendmail in bs mode doesn't work with -or option 4035001 sendmail can't create file 4037078 sendmail sends email to the mailhost instead of sending it directly 4022409 sendmail dumps core after rewriting the ruleset 0 4027534 V0-V5 options cause sendmail alias rebuild to fail. 1265313 sendmail v8 dumps core with alias include file owned by unknown user 1261561 getmxrr: res_search (eng) failed with impossible h_errno (-1) 4015151 sendmail fails to use scanf for 'F' command in sendmail.cf 1241168 Race condition exists 1252675 sendmail will match on comments in the hosts file 1242930 sendmail displays multiple dbm put error messages 1258420 sendmail does not quote nis+ special characters in mail alias expansion 1249090 sendmail V8 coredumps while deivering from mail queue to HP openmail (from 103595-10) 4028707 sendmail should use SIOCGIFNUM before using SIOCGIFCONF (from 103595-09) 4018511 Security bug: Sendmail Group Permissions Vulnerability 4030794 sendmail gets From: field wrong 4017798 Sendmail in bs mode ignores the Orident option (from 103595-08) 4018487 Security Bug: Sendmail Treats The w Option As Safe (from 103595-07) 4011634 a user can redirect messages to unqualified domain names 1267313 sendmail security bug - Sendmail CERT advisory 96.20 (from 103595-06) 1265017 V8 sendmail patch breaks F=U (UNIX-Style From line) flag 1245185 alias indirect self reference is broken in sendmail v8 (from 103595-05) 1252530 make aliases fail 1244027 NIS mail.aliases DBM map built from v8 sendmail breaks v5 sendmail clients (from 103595-04) 1249900 Transient parse error when using NIS+ prevents sendmail outside the domain (from 103595-03) 1253584 Sendmail source update and rebuild for BIND 4.9.3 (from 103595-02) 1249090 sendmail V8 coredumps while deivering from mail queue to HP openmail (from 103595-01) 1241841 Sendmail V8 coredumps when using HP openmail, or Novell Groupwise SMTP Gateway (from 105521-01) 4072035 Security hole in vacation program. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- Refer to the file called SPECIAL_INSTRUCTIONS which came with this patch. It provides information about migration changes and new features in sendmail version 8.8.8+Sun. This patch requires the i386 libresolv.so.2/BIND 4.9.3 patch, 103664-01, to be installed on the target system. NOTE 1: It is recommended to install the following patches: 103681-01 (or newer) nscd/nscd_nischeck rebuild for BIND 4.9.3 103684-01 (or newer) nss_dns.so.1 rebuild for BIND 4.9.3 103687-01 (or newer) rpc.nisd_resolv rebuild for BIND 4.9.3 NOTE 2: We recommend installing the following patches to get the complete support for large IP addresses: 103581-13 (or newer) kernel/drv/tcp patch 103631-08 (or newer) kernel/drv/ip patch 104332-03 (or newer) usr/sbin/rpcbind patch 104957-01 (or newer) usr/sbin/in.rarpd patch 104959-01 (or newer) usr/sbin/in.rdisc patch 104961-01 (or newer) usr/sbin/snoop patch