From owner-freebsd-questions@FreeBSD.ORG  Tue Aug 26 11:37:50 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6918716A4BF
	for <questions@freebsd.org>; Tue, 26 Aug 2003 11:37:50 -0700 (PDT)
Received: from smtp.infracaninophile.co.uk
	(happy-idiot-talk.infracaninophile.co.uk [81.2.69.218])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B77FA43FCB
	for <questions@freebsd.org>; Tue, 26 Aug 2003 11:37:48 -0700 (PDT)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1])
	h7QIawcc020392
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Tue, 26 Aug 2003 19:37:41 +0100 (BST)
	(envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk)
Received: (from matthew@localhost)h7QIavMl020391;
	Tue, 26 Aug 2003 19:36:57 +0100 (BST)	(envelope-from matthew)
Date: Tue, 26 Aug 2003 19:36:57 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
To: Adam Mazza <adam@68e.com>
Message-ID: <20030826183657.GB16046@happy-idiot-talk.infracaninophile.co.uk>
Mail-Followup-To: Matthew Seaman <m.seaman@infracaninophile.co.uk>,
	Adam Mazza <adam@68e.com>,
	"questions@freebsd.org" <questions@freebsd.org>
References: <Pine.NEB.4.56.0308260941440.19198@panix3.panix.com>
	<20030826153700.GA89321@happy-idiot-talk.infracaninophile.co.uk>
	<Pine.NEB.4.56.0308261237580.23996@panix3.panix.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="f2QGlHpHGjS2mn6Y"
Content-Disposition: inline
In-Reply-To: <Pine.NEB.4.56.0308261237580.23996@panix3.panix.com>
User-Agent: Mutt/1.5.4i
X-Spam-Status: No, hits=-8.1 required=5.0
	tests=AWL,EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2,
	      QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES,
	      USER_AGENT_MUTT
	autolearn=ham version=2.55
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
cc: "questions@freebsd.org" <questions@freebsd.org>
Subject: Re: FreeBSD-SA-03:11.sendmail
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Aug 2003 18:37:50 -0000


--f2QGlHpHGjS2mn6Y
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Aug 26, 2003 at 12:39:13PM -0400, Adam Mazza wrote:
>=20
> Thanks for the response. I went ahead and am running P4 but my sendmail
> version didn't actually change, it's still 8.12.8p1 does the fix not
> upgrade to 8.12.9

The advisory has since come out on freebsd-announce@...=20
FreeBSD-SA-03:11.sendmail is on the FTP site at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:11.sendmail=
=2Easc
and the link on the website front page will appear Real Soon Now.

If you look at
http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/sendmail/src/?sortby=3Dda=
te&only_with_tag=3DRELENG_4_8#dirlist
you'll see that the fix requires a minimal patch to the file
sm_resolve.c:

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/local/www/cvsroot/FreeBSD/src/contrib/sendmail/src/sm_resolv=
e.c,v
retrieving revision 1.1.1.1.2.2
retrieving revision 1.1.1.1.2.2.4.1
diff -u -p -r1.1.1.1.2.2 -r1.1.1.1.2.2.4.1
--- src/contrib/sendmail/src/sm_resolve.c	2002/06/27 20:43:24	1.1.1.1.2.2
+++ src/contrib/sendmail/src/sm_resolve.c	2003/08/25 22:35:23	1.1.1.1.2.2.4=
=2E1
@@ -233,6 +233,7 @@ parse_dns_reply(data, len)
 			dns_free_data(r);
 			return NULL;
 		}
+		memset(*rr, 0, sizeof(**rr));
 		(*rr)->rr_domain =3D sm_strdup(host);
 		if ((*rr)->rr_domain =3D=3D NULL)
 		{

This has been applied to all of the code branches mentioned in the
advisory, but only STABLE (RELENG_4) and CURRENT (HEAD) got the full
import of sendmail-8.12.9, which contains other, non-security related,
fixes as well.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

--f2QGlHpHGjS2mn6Y
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/S6jJdtESqEQa7a0RAi/XAJ419XGeZyd7diyL9Qh9808UKSELoACbB3Nz
M4tNese3vrCk1qVevHkJdF4=
=czn9
-----END PGP SIGNATURE-----

--f2QGlHpHGjS2mn6Y--