FreeBSD Security Advisories
2006-Mar-22 16:12 UTC
FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
============================================================================FreeBSD-SA-06:13.sendmail
Security Advisory
The FreeBSD Project
Topic: Race condition in sendmail
Category: contrib
Module: contrib_sendmail
Announced: 2006-03-22
Affects: All FreeBSD releases.
Corrected: 2006-03-22 16:01:08 UTC (RELENG_6, 6.1-STABLE)
2006-03-22 16:01:38 UTC (RELENG_6_0, 6.0-RELEASE-p6)
2006-03-22 16:01:56 UTC (RELENG_5, 5.5-STABLE)
2006-03-22 16:02:17 UTC (RELENG_5_4, 5.4-RELEASE-p13)
2006-03-22 16:02:35 UTC (RELENG_5_3, 5.3-RELEASE-p28)
2006-03-22 16:02:49 UTC (RELENG_4, 4.11-STABLE)
2006-03-22 16:03:05 UTC (RELENG_4_11, 4.11-RELEASE-p16)
2006-03-22 16:03:25 UTC (RELENG_4_10, 4.10-RELEASE-p22)
CVE Name: CVE-2006-0058
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.
NOTE: The issue discussed in this advisory was reported to the FreeBSD
Security Team, and the patch which corrects it was supplied, by the
Sendmail Consortium via CERT. Due to the limited information available
concerning the nature of the vulnerability, the FreeBSD Security Team
has not been able to evaluate the effectiveness of the fixes, nor the
possibility of other workarounds.
I. Background
FreeBSD includes sendmail(8), a general purpose internetwork mail
routing facility, as the default Mail Transfer Agent (MTA).
II. Problem Description
A race condition has been reported to exist in the handling by sendmail
of asynchronous signals.
III. Impact
A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
IV. Workaround
There is no known workaround other than disabling sendmail.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE,
or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or
RELENG_4_10 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 4.10,
4.11, 5.3, 5.4, and 6.0 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 4.10]
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch.asc
[FreeBSD 4.11 and FreeBSD 5.3]
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch.asc
[FreeBSD 5.4, and FreeBSD 6.x]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libsm
# make obj && make depend && make
# cd /usr/src/lib/libsmutil
# make obj && make depend && make
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_4
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.6
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.4
src/contrib/sendmail/src/collect.c 1.1.1.4.2.17
src/contrib/sendmail/src/conf.c 1.5.2.20
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.20
src/contrib/sendmail/src/headers.c 1.4.2.16
src/contrib/sendmail/src/mime.c 1.1.1.3.2.10
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.20
src/contrib/sendmail/src/savemail.c 1.4.2.13
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.22
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.16
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.3
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.20
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.17
src/contrib/sendmail/src/util.c 1.1.1.3.2.15
RELENG_4_11
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.12.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.5.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.3.2.1
src/contrib/sendmail/src/collect.c 1.1.1.4.2.14.2.1
src/contrib/sendmail/src/conf.c 1.5.2.17.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.17.2.1
src/contrib/sendmail/src/headers.c 1.4.2.14.2.1
src/contrib/sendmail/src/mime.c 1.1.1.3.2.8.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.17.2.1
src/contrib/sendmail/src/savemail.c 1.4.2.11.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.19.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.14.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.12.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.17.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.14.2.1
src/contrib/sendmail/src/util.c 1.1.1.3.2.13.2.1
src/UPDATING 1.73.2.91.2.17
src/sys/conf/newvers.sh 1.44.2.39.2.20
RELENG_4_10
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.10.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.4.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.2.6.1
src/contrib/sendmail/src/collect.c 1.1.1.4.2.13.2.1
src/contrib/sendmail/src/conf.c 1.5.2.16.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.16.2.1
src/contrib/sendmail/src/headers.c 1.4.2.13.2.1
src/contrib/sendmail/src/mime.c 1.1.1.3.2.7.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.16.2.1
src/contrib/sendmail/src/savemail.c 1.4.2.10.6.1
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.18.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.13.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.10.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.16.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.13.2.1
src/contrib/sendmail/src/util.c 1.1.1.3.2.12.2.1
src/UPDATING 1.73.2.90.2.23
src/sys/conf/newvers.sh 1.33.2.34.2.24
RELENG_5
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.8.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.2.1
src/contrib/sendmail/src/collect.c 1.1.1.19.2.3
src/contrib/sendmail/src/conf.c 1.26.2.3
src/contrib/sendmail/src/deliver.c 1.1.1.21.2.3
src/contrib/sendmail/src/headers.c 1.20.2.2
src/contrib/sendmail/src/mime.c 1.1.1.12.2.2
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.3
src/contrib/sendmail/src/savemail.c 1.16.2.2
src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.3
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.2
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.8.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.3
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.3
src/contrib/sendmail/src/util.c 1.1.1.17.2.2
RELENG_5_4
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.12.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.6.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.6.1
src/contrib/sendmail/src/collect.c 1.1.1.19.2.1.2.1
src/contrib/sendmail/src/conf.c 1.26.2.1.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.21.2.1.2.1
src/contrib/sendmail/src/headers.c 1.20.2.1.2.1
src/contrib/sendmail/src/mime.c 1.1.1.12.2.1.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.1.2.1
src/contrib/sendmail/src/savemail.c 1.16.2.1.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.1.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.1.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.12.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.1.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.1.2.1
src/contrib/sendmail/src/util.c 1.1.1.17.2.1.2.1
src/UPDATING 1.342.2.24.2.22
src/sys/conf/newvers.sh 1.62.2.18.2.18
RELENG_5_3
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.10.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.4.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.4.1
src/contrib/sendmail/src/collect.c 1.1.1.19.4.1
src/contrib/sendmail/src/conf.c 1.26.4.1
src/contrib/sendmail/src/deliver.c 1.1.1.21.4.1
src/contrib/sendmail/src/headers.c 1.20.4.1
src/contrib/sendmail/src/mime.c 1.1.1.12.4.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.4.1
src/contrib/sendmail/src/savemail.c 1.16.4.1
src/contrib/sendmail/src/sendmail.h 1.1.1.23.4.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.4.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.10.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.4.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.4.1
src/contrib/sendmail/src/util.c 1.1.1.17.4.1
src/UPDATING 1.342.2.13.2.31
src/sys/conf/newvers.sh 1.62.2.15.2.33
RELENG_6
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.14.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.8.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.8.1
src/contrib/sendmail/src/collect.c 1.1.1.21.2.1
src/contrib/sendmail/src/conf.c 1.28.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.23.2.1
src/contrib/sendmail/src/headers.c 1.21.2.1
src/contrib/sendmail/src/mime.c 1.1.1.13.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.22.2.1
src/contrib/sendmail/src/savemail.c 1.17.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.26.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.15.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.14.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.21.2.1
src/contrib/sendmail/src/util.c 1.1.1.18.2.1
RELENG_6_0
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.16.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.10.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.10.1
src/contrib/sendmail/src/collect.c 1.1.1.21.4.1
src/contrib/sendmail/src/conf.c 1.28.4.1
src/contrib/sendmail/src/deliver.c 1.1.1.23.4.1
src/contrib/sendmail/src/headers.c 1.21.4.1
src/contrib/sendmail/src/mime.c 1.1.1.13.4.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.22.4.1
src/contrib/sendmail/src/savemail.c 1.17.4.1
src/contrib/sendmail/src/sendmail.h 1.1.1.26.4.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.15.4.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.16.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.4.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.21.4.1
src/contrib/sendmail/src/util.c 1.1.1.18.4.1
src/UPDATING 1.416.2.3.2.11
src/sys/conf/newvers.sh 1.69.2.8.2.7
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
The latest revision of this advisory is available at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)
iD8DBQFEIXZWFdaIBMps37IRAldYAJ9nd+wQMJlQObUuio5tBEFwD0ULwwCbB2eI
u3JkyVwHx4WOgmZkg9QKang=d3RW
-----END PGP SIGNATURE-----
FreeBSD Security Advisories
2006-Mar-22 16:12 UTC
FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
============================================================================FreeBSD-SA-06:13.sendmail
Security Advisory
The FreeBSD Project
Topic: Race condition in sendmail
Category: contrib
Module: contrib_sendmail
Announced: 2006-03-22
Affects: All FreeBSD releases.
Corrected: 2006-03-22 16:01:08 UTC (RELENG_6, 6.1-STABLE)
2006-03-22 16:01:38 UTC (RELENG_6_0, 6.0-RELEASE-p6)
2006-03-22 16:01:56 UTC (RELENG_5, 5.5-STABLE)
2006-03-22 16:02:17 UTC (RELENG_5_4, 5.4-RELEASE-p13)
2006-03-22 16:02:35 UTC (RELENG_5_3, 5.3-RELEASE-p28)
2006-03-22 16:02:49 UTC (RELENG_4, 4.11-STABLE)
2006-03-22 16:03:05 UTC (RELENG_4_11, 4.11-RELEASE-p16)
2006-03-22 16:03:25 UTC (RELENG_4_10, 4.10-RELEASE-p22)
CVE Name: CVE-2006-0058
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.
NOTE: The issue discussed in this advisory was reported to the FreeBSD
Security Team, and the patch which corrects it was supplied, by the
Sendmail Consortium via CERT. Due to the limited information available
concerning the nature of the vulnerability, the FreeBSD Security Team
has not been able to evaluate the effectiveness of the fixes, nor the
possibility of other workarounds.
I. Background
FreeBSD includes sendmail(8), a general purpose internetwork mail
routing facility, as the default Mail Transfer Agent (MTA).
II. Problem Description
A race condition has been reported to exist in the handling by sendmail
of asynchronous signals.
III. Impact
A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
IV. Workaround
There is no known workaround other than disabling sendmail.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE,
or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or
RELENG_4_10 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 4.10,
4.11, 5.3, 5.4, and 6.0 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 4.10]
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch.asc
[FreeBSD 4.11 and FreeBSD 5.3]
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch.asc
[FreeBSD 5.4, and FreeBSD 6.x]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch
# fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libsm
# make obj && make depend && make
# cd /usr/src/lib/libsmutil
# make obj && make depend && make
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_4
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.6
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.4
src/contrib/sendmail/src/collect.c 1.1.1.4.2.17
src/contrib/sendmail/src/conf.c 1.5.2.20
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.20
src/contrib/sendmail/src/headers.c 1.4.2.16
src/contrib/sendmail/src/mime.c 1.1.1.3.2.10
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.20
src/contrib/sendmail/src/savemail.c 1.4.2.13
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.22
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.16
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.3
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.20
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.17
src/contrib/sendmail/src/util.c 1.1.1.3.2.15
RELENG_4_11
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.12.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.5.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.3.2.1
src/contrib/sendmail/src/collect.c 1.1.1.4.2.14.2.1
src/contrib/sendmail/src/conf.c 1.5.2.17.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.17.2.1
src/contrib/sendmail/src/headers.c 1.4.2.14.2.1
src/contrib/sendmail/src/mime.c 1.1.1.3.2.8.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.17.2.1
src/contrib/sendmail/src/savemail.c 1.4.2.11.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.19.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.14.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.12.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.17.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.14.2.1
src/contrib/sendmail/src/util.c 1.1.1.3.2.13.2.1
src/UPDATING 1.73.2.91.2.17
src/sys/conf/newvers.sh 1.44.2.39.2.20
RELENG_4_10
src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.10.1
src/contrib/sendmail/libsm/local.h 1.1.1.1.2.4.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.2.6.1
src/contrib/sendmail/src/collect.c 1.1.1.4.2.13.2.1
src/contrib/sendmail/src/conf.c 1.5.2.16.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.3.2.16.2.1
src/contrib/sendmail/src/headers.c 1.4.2.13.2.1
src/contrib/sendmail/src/mime.c 1.1.1.3.2.7.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.16.2.1
src/contrib/sendmail/src/savemail.c 1.4.2.10.6.1
src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.18.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.13.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.10.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.16.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.13.2.1
src/contrib/sendmail/src/util.c 1.1.1.3.2.12.2.1
src/UPDATING 1.73.2.90.2.23
src/sys/conf/newvers.sh 1.33.2.34.2.24
RELENG_5
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.8.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.2.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.2.1
src/contrib/sendmail/src/collect.c 1.1.1.19.2.3
src/contrib/sendmail/src/conf.c 1.26.2.3
src/contrib/sendmail/src/deliver.c 1.1.1.21.2.3
src/contrib/sendmail/src/headers.c 1.20.2.2
src/contrib/sendmail/src/mime.c 1.1.1.12.2.2
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.3
src/contrib/sendmail/src/savemail.c 1.16.2.2
src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.3
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.2
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.8.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.3
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.3
src/contrib/sendmail/src/util.c 1.1.1.17.2.2
RELENG_5_4
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.12.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.6.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.6.1
src/contrib/sendmail/src/collect.c 1.1.1.19.2.1.2.1
src/contrib/sendmail/src/conf.c 1.26.2.1.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.21.2.1.2.1
src/contrib/sendmail/src/headers.c 1.20.2.1.2.1
src/contrib/sendmail/src/mime.c 1.1.1.12.2.1.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.1.2.1
src/contrib/sendmail/src/savemail.c 1.16.2.1.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.1.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.1.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.12.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.1.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.1.2.1
src/contrib/sendmail/src/util.c 1.1.1.17.2.1.2.1
src/UPDATING 1.342.2.24.2.22
src/sys/conf/newvers.sh 1.62.2.18.2.18
RELENG_5_3
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.10.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.4.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.4.1
src/contrib/sendmail/src/collect.c 1.1.1.19.4.1
src/contrib/sendmail/src/conf.c 1.26.4.1
src/contrib/sendmail/src/deliver.c 1.1.1.21.4.1
src/contrib/sendmail/src/headers.c 1.20.4.1
src/contrib/sendmail/src/mime.c 1.1.1.12.4.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.20.4.1
src/contrib/sendmail/src/savemail.c 1.16.4.1
src/contrib/sendmail/src/sendmail.h 1.1.1.23.4.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.14.4.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.10.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.4.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.18.4.1
src/contrib/sendmail/src/util.c 1.1.1.17.4.1
src/UPDATING 1.342.2.13.2.31
src/sys/conf/newvers.sh 1.62.2.15.2.33
RELENG_6
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.14.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.8.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.8.1
src/contrib/sendmail/src/collect.c 1.1.1.21.2.1
src/contrib/sendmail/src/conf.c 1.28.2.1
src/contrib/sendmail/src/deliver.c 1.1.1.23.2.1
src/contrib/sendmail/src/headers.c 1.21.2.1
src/contrib/sendmail/src/mime.c 1.1.1.13.2.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.22.2.1
src/contrib/sendmail/src/savemail.c 1.17.2.1
src/contrib/sendmail/src/sendmail.h 1.1.1.26.2.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.15.2.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.14.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.2.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.21.2.1
src/contrib/sendmail/src/util.c 1.1.1.18.2.1
RELENG_6_0
src/contrib/sendmail/libsm/fflush.c 1.1.1.3.16.1
src/contrib/sendmail/libsm/local.h 1.1.1.7.10.1
src/contrib/sendmail/libsm/refill.c 1.1.1.5.10.1
src/contrib/sendmail/src/collect.c 1.1.1.21.4.1
src/contrib/sendmail/src/conf.c 1.28.4.1
src/contrib/sendmail/src/deliver.c 1.1.1.23.4.1
src/contrib/sendmail/src/headers.c 1.21.4.1
src/contrib/sendmail/src/mime.c 1.1.1.13.4.1
src/contrib/sendmail/src/parseaddr.c 1.1.1.22.4.1
src/contrib/sendmail/src/savemail.c 1.17.4.1
src/contrib/sendmail/src/sendmail.h 1.1.1.26.4.1
src/contrib/sendmail/src/sfsasl.c 1.1.1.15.4.1
src/contrib/sendmail/src/sfsasl.h 1.1.1.4.16.1
src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.4.1
src/contrib/sendmail/src/usersmtp.c 1.1.1.21.4.1
src/contrib/sendmail/src/util.c 1.1.1.18.4.1
src/UPDATING 1.416.2.3.2.11
src/sys/conf/newvers.sh 1.69.2.8.2.7
- -------------------------------------------------------------------------
VII. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
The latest revision of this advisory is available at
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)
iD8DBQFEIXZWFdaIBMps37IRAldYAJ9nd+wQMJlQObUuio5tBEFwD0ULwwCbB2eI
u3JkyVwHx4WOgmZkg9QKang=d3RW
-----END PGP SIGNATURE-----
Hi,
The patches apply cleanly on RELENG_4, but sendmail does not
compile properly using
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install
rm -f .depend
mkdep -f .depend
-a -I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/include -I.
-DNEWDB -DNIS -DMILTER -DTCPWRAPPERS -DMAP_REGEX -DDNSMAP -DNETINET6
-DSTARTTLS -D_FFR_TLS_1
-D_FFR_DEAL_WITH_ERROR_SSL
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/alias.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/arpadate.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/bf.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/conf.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/control.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/convtime.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/daemon.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/deliver.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/domain.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/envelope.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/err.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/headers.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/macro.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/main.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/map.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/mci.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/milter.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/mime.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/parseaddr.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/queue.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/ratectrl.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/readcf.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/recipient.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/savemail.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/sasl.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/sfsasl.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/shmticklib.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/sm_resolve.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/srvrsmtp.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/stab.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/stats.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/sysexits.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/timers.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/tls.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/trace.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/udb.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/usersmtp.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/util.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/version.c
echo sendmail: /usr/lib/libc.a /usr/lib/libutil.a /usr/lib/libwrap.a
/usr/obj/usr/src/usr.sbin/sendmail/../../lib/libsmutil/libsmutil.a
/usr/obj/usr/src/usr.sbin/sendmail/../../lib/libsm/libsm.a
/usr/lib/libssl.a /usr/lib/libcrypto.a >> .depend
cc -O -pipe -march=pentiumpro
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/include -I.
-DNEWDB -DNIS -DMILTER -DTCPWRAPPERS -DMAP_REGEX -DDNSMAP -DNETINET6
-DSTARTTLS -D_FFR_TLS_1 -D_FFR_DEAL_WITH_ERROR_SSL -c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/alias.c
cc -O -pipe -march=pentiumpro
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/include -I.
-DNEWDB -DNIS -DMILTER -DTCPWRAPPERS -DMAP_REGEX -DDNSMAP -DNETINET6
-DSTARTTLS -D_FFR_TLS_1 -D_FFR_DEAL_WITH_ERROR_SSL -c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/arpadate.c
cc -O -pipe -march=pentiumpro
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/include -I.
-DNEWDB -DNIS -DMILTER -DTCPWRAPPERS -DMAP_REGEX -DDNSMAP -DNETINET6
-DSTARTTLS -D_FFR_TLS_1 -D_FFR_DEAL_WITH_ERROR_SSL -c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/bf.c
cc -O -pipe -march=pentiumpro
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src
-I/usr/src/usr.sbin/sendmail/../../contrib/sendmail/include -I.
-DNEWDB -DNIS -DMILTER -DTCPWRAPPERS -DMAP_REGEX -DDNSMAP -DNETINET6
-DSTARTTLS -D_FFR_TLS_1 -D_FFR_DEAL_WITH_ERROR_SSL -c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c: In
function `collecttimeout':
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c:941:
`CollectProgress' undeclared (first use in this function)
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c:941:
(Each undeclared identifier is reported only once
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c:941:
for each function it appears in.)
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c:944:
`CollectTimeout' undeclared (first use in this function)
/usr/src/usr.sbin/sendmail/../../contrib/sendmail/src/collect.c:958:
`CtxCollectTimeout' undeclared (first use in this function)
*** Error code 1
Stop in /usr/src/usr.sbin/sendmail.
This is on
4.11-STABLE FreeBSD 4.11-STABLE #0: Mon Feb 13 17:36:36 EST 2006
---Mike
At 11:11 AM 22/03/2006, FreeBSD Security Advisories
wrote:>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>============================================================================>FreeBSD-SA-06:13.sendmail
Security Advisory
> The FreeBSD
Project
>
>Topic: Race condition in sendmail
>
>Category: contrib
>Module: contrib_sendmail
>Announced: 2006-03-22
>Affects: All FreeBSD releases.
>Corrected: 2006-03-22 16:01:08 UTC (RELENG_6, 6.1-STABLE)
> 2006-03-22 16:01:38 UTC (RELENG_6_0, 6.0-RELEASE-p6)
> 2006-03-22 16:01:56 UTC (RELENG_5, 5.5-STABLE)
> 2006-03-22 16:02:17 UTC (RELENG_5_4, 5.4-RELEASE-p13)
> 2006-03-22 16:02:35 UTC (RELENG_5_3, 5.3-RELEASE-p28)
> 2006-03-22 16:02:49 UTC (RELENG_4, 4.11-STABLE)
> 2006-03-22 16:03:05 UTC (RELENG_4_11, 4.11-RELEASE-p16)
> 2006-03-22 16:03:25 UTC (RELENG_4_10, 4.10-RELEASE-p22)
>CVE Name: CVE-2006-0058
>
>For general information regarding FreeBSD Security Advisories,
>including descriptions of the fields above, security branches, and the
>following sections, please visit
><URL:http://www.freebsd.org/security/>.
>
>NOTE: The issue discussed in this advisory was reported to the FreeBSD
>Security Team, and the patch which corrects it was supplied, by the
>Sendmail Consortium via CERT. Due to the limited information available
>concerning the nature of the vulnerability, the FreeBSD Security Team
>has not been able to evaluate the effectiveness of the fixes, nor the
>possibility of other workarounds.
>
>I. Background
>
>FreeBSD includes sendmail(8), a general purpose internetwork mail
>routing facility, as the default Mail Transfer Agent (MTA).
>
>II. Problem Description
>
>A race condition has been reported to exist in the handling by sendmail
>of asynchronous signals.
>
>III. Impact
>
>A remote attacker may be able to execute arbitrary code with the
>privileges of the user running sendmail, typically root.
>
>IV. Workaround
>
>There is no known workaround other than disabling sendmail.
>
>V. Solution
>
>Perform one of the following:
>
>1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE,
>or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or
>RELENG_4_10 security branch dated after the correction date.
>
>2) To patch your present system:
>
>The following patches have been verified to apply to FreeBSD 4.10,
>4.11, 5.3, 5.4, and 6.0 systems.
>
>a) Download the relevant patch from the location below, and verify the
>detached PGP signature using your PGP utility.
>
>[FreeBSD 4.10]
># fetch
>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
># fetch
>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch.asc
>
>[FreeBSD 4.11 and FreeBSD 5.3]
># fetch
>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
># fetch
>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch.asc
>
>[FreeBSD 5.4, and FreeBSD 6.x]
># fetch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch
># fetch
>ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch.asc
>
>b) Execute the following commands as root:
>
># cd /usr/src
># patch < /path/to/patch
># cd /usr/src/lib/libsm
># make obj && make depend && make
># cd /usr/src/lib/libsmutil
># make obj && make depend && make
># cd /usr/src/usr.sbin/sendmail
># make obj && make depend && make && make install
>
>VI. Correction details
>
>The following list contains the revision numbers of each file that was
>corrected in FreeBSD.
>
>Branch Revision
> Path
>- -------------------------------------------------------------------------
>RELENG_4
> src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1
> src/contrib/sendmail/libsm/local.h 1.1.1.1.2.6
> src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.4
> src/contrib/sendmail/src/collect.c 1.1.1.4.2.17
> src/contrib/sendmail/src/conf.c 1.5.2.20
> src/contrib/sendmail/src/deliver.c 1.1.1.3.2.20
> src/contrib/sendmail/src/headers.c 1.4.2.16
> src/contrib/sendmail/src/mime.c 1.1.1.3.2.10
> src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.20
> src/contrib/sendmail/src/savemail.c 1.4.2.13
> src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.22
> src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.16
> src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.3
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.20
> src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.17
> src/contrib/sendmail/src/util.c 1.1.1.3.2.15
>RELENG_4_11
> src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.12.1
> src/contrib/sendmail/libsm/local.h 1.1.1.1.2.5.2.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.3.2.1
> src/contrib/sendmail/src/collect.c 1.1.1.4.2.14.2.1
> src/contrib/sendmail/src/conf.c 1.5.2.17.2.1
> src/contrib/sendmail/src/deliver.c 1.1.1.3.2.17.2.1
> src/contrib/sendmail/src/headers.c 1.4.2.14.2.1
> src/contrib/sendmail/src/mime.c 1.1.1.3.2.8.2.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.17.2.1
> src/contrib/sendmail/src/savemail.c 1.4.2.11.2.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.19.2.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.14.2.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.12.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.17.2.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.14.2.1
> src/contrib/sendmail/src/util.c 1.1.1.3.2.13.2.1
> src/UPDATING 1.73.2.91.2.17
> src/sys/conf/newvers.sh 1.44.2.39.2.20
>RELENG_4_10
> src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1.10.1
> src/contrib/sendmail/libsm/local.h 1.1.1.1.2.4.2.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.2.6.1
> src/contrib/sendmail/src/collect.c 1.1.1.4.2.13.2.1
> src/contrib/sendmail/src/conf.c 1.5.2.16.2.1
> src/contrib/sendmail/src/deliver.c 1.1.1.3.2.16.2.1
> src/contrib/sendmail/src/headers.c 1.4.2.13.2.1
> src/contrib/sendmail/src/mime.c 1.1.1.3.2.7.2.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.2.6.16.2.1
> src/contrib/sendmail/src/savemail.c 1.4.2.10.6.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.4.2.18.2.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.1.2.13.2.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.1.2.2.10.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.2.6.16.2.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.3.2.13.2.1
> src/contrib/sendmail/src/util.c 1.1.1.3.2.12.2.1
> src/UPDATING 1.73.2.90.2.23
> src/sys/conf/newvers.sh 1.33.2.34.2.24
>RELENG_5
> src/contrib/sendmail/libsm/fflush.c 1.1.1.3.8.1
> src/contrib/sendmail/libsm/local.h 1.1.1.7.2.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.5.2.1
> src/contrib/sendmail/src/collect.c 1.1.1.19.2.3
> src/contrib/sendmail/src/conf.c 1.26.2.3
> src/contrib/sendmail/src/deliver.c 1.1.1.21.2.3
> src/contrib/sendmail/src/headers.c 1.20.2.2
> src/contrib/sendmail/src/mime.c 1.1.1.12.2.2
> src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.3
> src/contrib/sendmail/src/savemail.c 1.16.2.2
> src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.3
> src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.2
> src/contrib/sendmail/src/sfsasl.h 1.1.1.4.8.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.3
> src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.3
> src/contrib/sendmail/src/util.c 1.1.1.17.2.2
>RELENG_5_4
> src/contrib/sendmail/libsm/fflush.c 1.1.1.3.12.1
> src/contrib/sendmail/libsm/local.h 1.1.1.7.6.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.5.6.1
> src/contrib/sendmail/src/collect.c 1.1.1.19.2.1.2.1
> src/contrib/sendmail/src/conf.c 1.26.2.1.2.1
> src/contrib/sendmail/src/deliver.c 1.1.1.21.2.1.2.1
> src/contrib/sendmail/src/headers.c 1.20.2.1.2.1
> src/contrib/sendmail/src/mime.c 1.1.1.12.2.1.2.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.20.2.1.2.1
> src/contrib/sendmail/src/savemail.c 1.16.2.1.2.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.23.2.1.2.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.14.2.1.2.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.4.12.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.2.1.2.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.18.2.1.2.1
> src/contrib/sendmail/src/util.c 1.1.1.17.2.1.2.1
> src/UPDATING 1.342.2.24.2.22
> src/sys/conf/newvers.sh 1.62.2.18.2.18
>RELENG_5_3
> src/contrib/sendmail/libsm/fflush.c 1.1.1.3.10.1
> src/contrib/sendmail/libsm/local.h 1.1.1.7.4.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.5.4.1
> src/contrib/sendmail/src/collect.c 1.1.1.19.4.1
> src/contrib/sendmail/src/conf.c 1.26.4.1
> src/contrib/sendmail/src/deliver.c 1.1.1.21.4.1
> src/contrib/sendmail/src/headers.c 1.20.4.1
> src/contrib/sendmail/src/mime.c 1.1.1.12.4.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.20.4.1
> src/contrib/sendmail/src/savemail.c 1.16.4.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.23.4.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.14.4.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.4.10.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.20.4.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.18.4.1
> src/contrib/sendmail/src/util.c 1.1.1.17.4.1
> src/UPDATING 1.342.2.13.2.31
> src/sys/conf/newvers.sh 1.62.2.15.2.33
>RELENG_6
> src/contrib/sendmail/libsm/fflush.c 1.1.1.3.14.1
> src/contrib/sendmail/libsm/local.h 1.1.1.7.8.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.5.8.1
> src/contrib/sendmail/src/collect.c 1.1.1.21.2.1
> src/contrib/sendmail/src/conf.c 1.28.2.1
> src/contrib/sendmail/src/deliver.c 1.1.1.23.2.1
> src/contrib/sendmail/src/headers.c 1.21.2.1
> src/contrib/sendmail/src/mime.c 1.1.1.13.2.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.22.2.1
> src/contrib/sendmail/src/savemail.c 1.17.2.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.26.2.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.15.2.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.4.14.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.2.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.21.2.1
> src/contrib/sendmail/src/util.c 1.1.1.18.2.1
>RELENG_6_0
> src/contrib/sendmail/libsm/fflush.c 1.1.1.3.16.1
> src/contrib/sendmail/libsm/local.h 1.1.1.7.10.1
> src/contrib/sendmail/libsm/refill.c 1.1.1.5.10.1
> src/contrib/sendmail/src/collect.c 1.1.1.21.4.1
> src/contrib/sendmail/src/conf.c 1.28.4.1
> src/contrib/sendmail/src/deliver.c 1.1.1.23.4.1
> src/contrib/sendmail/src/headers.c 1.21.4.1
> src/contrib/sendmail/src/mime.c 1.1.1.13.4.1
> src/contrib/sendmail/src/parseaddr.c 1.1.1.22.4.1
> src/contrib/sendmail/src/savemail.c 1.17.4.1
> src/contrib/sendmail/src/sendmail.h 1.1.1.26.4.1
> src/contrib/sendmail/src/sfsasl.c 1.1.1.15.4.1
> src/contrib/sendmail/src/sfsasl.h 1.1.1.4.16.1
> src/contrib/sendmail/src/srvrsmtp.c 1.1.1.22.4.1
> src/contrib/sendmail/src/usersmtp.c 1.1.1.21.4.1
> src/contrib/sendmail/src/util.c 1.1.1.18.4.1
> src/UPDATING 1.416.2.3.2.11
> src/sys/conf/newvers.sh 1.69.2.8.2.7
>- -------------------------------------------------------------------------
>
>VII. References
>
>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
>
>The latest revision of this advisory is available at
>ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.2.2 (FreeBSD)
>
>iD8DBQFEIXZWFdaIBMps37IRAldYAJ9nd+wQMJlQObUuio5tBEFwD0ULwwCbB2eI
>u3JkyVwHx4WOgmZkg9QKang>=d3RW
>-----END PGP SIGNATURE-----
>_______________________________________________
>freebsd-security-notifications@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
>To unsubscribe, send any mail to
>"freebsd-security-notifications-unsubscribe@freebsd.org"
Does this affect all use of sendmail or just SMTP servers? Specifically, can this be locally exploited in a submission agent with no local delivery?
Dmitry Pryanishnikov
2006-Mar-23 12:32 UTC
FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
Hello! On Wed, 22 Mar 2006, FreeBSD Security Advisories wrote:> Path > - ------------------------------------------------------------------------- > RELENG_4 > src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1 > src/contrib/sendmail/libsm/local.h 1.1.1.1.2.6 > src/contrib/sendmail/libsm/refill.c 1.1.1.1.2.4This doesn't change sendmail's identification string - it's still "8.13.1" on RELENG_4_11, which makes detection of unpatched systems more difficult to sysadmin. Wouldn't be wise to add, say, "-p1" to this string in version.c? Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE
Oleg Khomichenko
2006-Mar-23 13:57 UTC
FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
============================================================================> Announced: 2006-03-22> Affects: All FreeBSD releases.15:33 [p2]root@alfa:/usr/src>uname -a FreeBSD xxxx.xxxxxxx.xxxxxx 4.11-STABLE FreeBSD 4.11-STABLE #1: Mon Apr 11 18:42:41 EEST 2005 xxxx@xxxx.xxxxxxx.xxx.xx:/usr/obj/usr/src/sys/ALFA i386 15:36 [p2]root@alfa:/usr/src>sendmail -d0.1 Version 8.13.3 When I try to check patch (patch -C), I receive many "Hunk #n failed at nn." see below. Is it problem or no and I can continue and vulnerability will be removed? Script started on Thu Mar 23 15:30:22 2006 Hmm... Looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/libsm/fflush.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/libsm/fflush.c,v |retrieving revision 1.1.1.3 |diff -u -I__FBSDID -r1.1.1.3 fflush.c |--- contrib/sendmail/libsm/fflush.c 11 Jun 2002 21:11:58 -0000 1.1.1.3 |+++ contrib/sendmail/libsm/fflush.c 21 Mar 2006 12:43:09 -0000 -------------------------- Patching file contrib/sendmail/libsm/fflush.c using Plan A... Hunk #1 succeeded at 145. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/libsm/local.h |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/libsm/local.h,v |retrieving revision 1.1.1.7 |diff -u -I__FBSDID -r1.1.1.7 local.h |--- contrib/sendmail/libsm/local.h 1 Aug 2004 01:04:45 -0000 1.1.1.7 |+++ contrib/sendmail/libsm/local.h 21 Mar 2006 12:43:09 -0000 -------------------------- Patching file contrib/sendmail/libsm/local.h using Plan A... Hunk #1 succeeded at 192. Hunk #2 succeeded at 276. Hunk #3 succeeded at 289. Hunk #4 succeeded at 308. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/libsm/refill.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/libsm/refill.c,v |retrieving revision 1.1.1.5 |diff -u -I__FBSDID -r1.1.1.5 refill.c |--- contrib/sendmail/libsm/refill.c 1 Aug 2004 01:04:45 -0000 1.1.1.5 |+++ contrib/sendmail/libsm/refill.c 21 Mar 2006 12:43:09 -0000 -------------------------- Patching file contrib/sendmail/libsm/refill.c using Plan A... Hunk #1 succeeded at 76. Hunk #2 succeeded at 97. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/collect.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/collect.c,v |retrieving revision 1.1.1.19 |diff -u -I__FBSDID -r1.1.1.19 collect.c |--- contrib/sendmail/src/collect.c 1 Aug 2004 01:04:20 -0000 1.1.1.19 |+++ contrib/sendmail/src/collect.c 21 Mar 2006 12:43:10 -0000 -------------------------- Patching file contrib/sendmail/src/collect.c using Plan A... Hunk #1 failed at 15. Hunk #2 succeeded at 262. Hunk #3 failed at 283. Hunk #4 succeeded at 319. Hunk #5 succeeded at 339. Hunk #6 succeeded at 362. Hunk #7 succeeded at 527 (offset -1 lines). Hunk #8 succeeded at 582 (offset -1 lines). Hunk #9 succeeded at 622 (offset -1 lines). Hunk #10 succeeded at 649 (offset -1 lines). Hunk #11 succeeded at 720 (offset -1 lines). Hunk #12 succeeded at 805 (offset -1 lines). Hunk #13 succeeded at 828 (offset -1 lines). Hunk #14 failed at 928. 3 out of 14 hunks failed--saving rejects to contrib/sendmail/src/collect.c.rej Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/conf.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/conf.c,v |retrieving revision 1.26 |diff -u -I__FBSDID -r1.26 conf.c |--- contrib/sendmail/src/conf.c 1 Aug 2004 01:16:16 -0000 1.26 |+++ contrib/sendmail/src/conf.c 21 Mar 2006 12:43:12 -0000 -------------------------- Patching file contrib/sendmail/src/conf.c using Plan A... Hunk #1 succeeded at 5299 (offset 9 lines). Hunk #2 succeeded at 5324 (offset 9 lines). Hunk #3 succeeded at 5367 (offset 9 lines). Hunk #4 succeeded at 5432 (offset 9 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/deliver.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/deliver.c,v |retrieving revision 1.1.1.21 |diff -u -I__FBSDID -r1.1.1.21 deliver.c |--- contrib/sendmail/src/deliver.c 1 Aug 2004 01:04:23 -0000 1.1.1.21 |+++ contrib/sendmail/src/deliver.c 21 Mar 2006 12:43:15 -0000 -------------------------- Patching file contrib/sendmail/src/deliver.c using Plan A... Hunk #1 succeeded at 3257. Hunk #2 succeeded at 4437 (offset 6 lines). Hunk #3 succeeded at 4453 (offset 6 lines). Hunk #4 succeeded at 4494 (offset 6 lines). Hunk #5 succeeded at 4507 (offset 6 lines). Hunk #6 succeeded at 4518 (offset 6 lines). Hunk #7 succeeded at 4556 (offset 6 lines). Hunk #8 succeeded at 4590 (offset 6 lines). Hunk #9 succeeded at 4636 (offset 6 lines). Hunk #10 succeeded at 4658 (offset 6 lines). Hunk #11 succeeded at 4750 (offset 6 lines). Hunk #12 succeeded at 4762 (offset 6 lines). Hunk #13 succeeded at 4772 (offset 6 lines). Hunk #14 succeeded at 4805 (offset 6 lines). Hunk #15 succeeded at 4866 (offset 6 lines). Hunk #16 succeeded at 4881 (offset 6 lines). Hunk #17 succeeded at 4906 (offset 6 lines). Hunk #18 succeeded at 4923 (offset 6 lines). Hunk #19 succeeded at 4949 (offset 6 lines). Hunk #20 succeeded at 4958 (offset 6 lines). Hunk #21 succeeded at 4970 (offset 6 lines). Hunk #22 succeeded at 4985 (offset 6 lines). Hunk #23 succeeded at 5544 (offset 6 lines). Hunk #24 succeeded at 6103 (offset 1 line). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/headers.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/headers.c,v |retrieving revision 1.20 |diff -u -I__FBSDID -r1.20 headers.c |--- contrib/sendmail/src/headers.c 1 Aug 2004 01:16:16 -0000 1.20 |+++ contrib/sendmail/src/headers.c 21 Mar 2006 12:43:15 -0000 -------------------------- Patching file contrib/sendmail/src/headers.c using Plan A... Hunk #1 succeeded at 19. Hunk #2 succeeded at 994. Hunk #3 succeeded at 1002. Hunk #4 succeeded at 1543. Hunk #5 succeeded at 1684. Hunk #6 succeeded at 1744. Hunk #7 succeeded at 1764. Hunk #8 succeeded at 1782. Hunk #9 succeeded at 1811. Hunk #10 succeeded at 1845. Hunk #11 succeeded at 1856. Hunk #12 succeeded at 1872. Hunk #13 succeeded at 2017. Hunk #14 succeeded at 2024. Hunk #15 succeeded at 2047. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/mime.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/mime.c,v |retrieving revision 1.1.1.12 |diff -u -I__FBSDID -r1.1.1.12 mime.c |--- contrib/sendmail/src/mime.c 1 Aug 2004 01:04:28 -0000 1.1.1.12 |+++ contrib/sendmail/src/mime.c 21 Mar 2006 12:43:16 -0000 -------------------------- Patching file contrib/sendmail/src/mime.c using Plan A... Hunk #1 succeeded at 86. Hunk #2 succeeded at 299. Hunk #3 succeeded at 309. Hunk #4 succeeded at 322. Hunk #5 succeeded at 352. Hunk #6 succeeded at 382. Hunk #7 succeeded at 492. Hunk #8 succeeded at 506. Hunk #9 succeeded at 520. Hunk #10 succeeded at 534. Hunk #11 succeeded at 565. Hunk #12 succeeded at 589. Hunk #13 succeeded at 618. Hunk #14 succeeded at 648. Hunk #15 succeeded at 687. Hunk #16 succeeded at 984 (offset 4 lines). Hunk #17 succeeded at 1001 (offset 4 lines). Hunk #18 succeeded at 1034 (offset 4 lines). Hunk #19 succeeded at 1122 (offset 4 lines). Hunk #20 succeeded at 1160 (offset 4 lines). Hunk #21 succeeded at 1180 (offset 4 lines). Hunk #22 succeeded at 1191 (offset 4 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/parseaddr.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/parseaddr.c,v |retrieving revision 1.1.1.20 |diff -u -I__FBSDID -r1.1.1.20 parseaddr.c |--- contrib/sendmail/src/parseaddr.c 1 Aug 2004 01:04:28 -0000 1.1.1.20 |+++ contrib/sendmail/src/parseaddr.c 21 Mar 2006 12:43:17 -0000 -------------------------- Patching file contrib/sendmail/src/parseaddr.c using Plan A... Hunk #1 succeeded at 1337. Hunk #2 succeeded at 1352. Hunk #3 succeeded at 1407. Hunk #4 succeeded at 1509. Hunk #5 succeeded at 2936. Hunk #6 succeeded at 3150. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/savemail.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/savemail.c,v |retrieving revision 1.16 |diff -u -I__FBSDID -r1.16 savemail.c |--- contrib/sendmail/src/savemail.c 1 Aug 2004 01:16:16 -0000 1.16 |+++ contrib/sendmail/src/savemail.c 21 Mar 2006 12:43:18 -0000 -------------------------- Patching file contrib/sendmail/src/savemail.c using Plan A... Hunk #1 succeeded at 15 with fuzz 2. Hunk #2 succeeded at 432. Hunk #3 succeeded at 733. Hunk #4 succeeded at 758. Hunk #5 succeeded at 776. Hunk #6 succeeded at 803. Hunk #7 succeeded at 858. Hunk #8 succeeded at 888. Hunk #9 succeeded at 913. Hunk #10 succeeded at 932. Hunk #11 succeeded at 986. Hunk #12 succeeded at 1016. Hunk #13 succeeded at 1029. Hunk #14 succeeded at 1046. Hunk #15 succeeded at 1063. Hunk #16 succeeded at 1085. Hunk #17 succeeded at 1104. Hunk #18 succeeded at 1148. Hunk #19 succeeded at 1157. Hunk #20 succeeded at 1207. Hunk #21 succeeded at 1222 (offset 3 lines). Hunk #22 succeeded at 1242 (offset 3 lines). Hunk #23 succeeded at 1257 (offset 3 lines). Hunk #24 succeeded at 1270 (offset 3 lines). Hunk #25 succeeded at 1280 (offset 3 lines). Hunk #26 succeeded at 1293 (offset 3 lines). Hunk #27 succeeded at 1304 (offset 3 lines). Hunk #28 succeeded at 1313 (offset 3 lines). Hunk #29 succeeded at 1347 (offset 3 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/sendmail.h |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/sendmail.h,v |retrieving revision 1.1.1.23 |diff -u -I__FBSDID -r1.1.1.23 sendmail.h |--- contrib/sendmail/src/sendmail.h 1 Aug 2004 01:04:33 -0000 1.1.1.23 |+++ contrib/sendmail/src/sendmail.h 21 Mar 2006 12:43:19 -0000 -------------------------- Patching file contrib/sendmail/src/sendmail.h using Plan A... Hunk #1 succeeded at 809 (offset 1 line). Hunk #2 succeeded at 870 (offset 1 line). Hunk #3 succeeded at 965 (offset 1 line). Hunk #4 succeeded at 1649 (offset 3 lines). Hunk #5 succeeded at 2142 (offset 2 lines). Hunk #6 succeeded at 2516 (offset 4 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/sfsasl.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/sfsasl.c,v |retrieving revision 1.1.1.14 |diff -u -I__FBSDID -r1.1.1.14 sfsasl.c |--- contrib/sendmail/src/sfsasl.c 1 Aug 2004 01:04:33 -0000 1.1.1.14 |+++ contrib/sendmail/src/sfsasl.c 21 Mar 2006 12:43:20 -0000 -------------------------- Patching file contrib/sendmail/src/sfsasl.c using Plan A... Hunk #1 succeeded at 541 (offset 25 lines). Hunk #2 succeeded at 680 (offset 25 lines). Hunk #3 succeeded at 748 (offset 25 lines). Hunk #4 succeeded at 790 (offset 25 lines). Hunk #5 succeeded at 855 (offset 25 lines). Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/sfsasl.h |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/sfsasl.h,v |retrieving revision 1.1.1.4 |diff -u -I__FBSDID -r1.1.1.4 sfsasl.h |--- contrib/sendmail/src/sfsasl.h 11 Jun 2002 21:11:52 -0000 1.1.1.4 |+++ contrib/sendmail/src/sfsasl.h 21 Mar 2006 12:43:20 -0000 -------------------------- Patching file contrib/sendmail/src/sfsasl.h using Plan A... Hunk #1 succeeded at 17. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/srvrsmtp.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/srvrsmtp.c,v |retrieving revision 1.1.1.20 |diff -u -I__FBSDID -r1.1.1.20 srvrsmtp.c |--- contrib/sendmail/src/srvrsmtp.c 1 Aug 2004 01:04:35 -0000 1.1.1.20 |+++ contrib/sendmail/src/srvrsmtp.c 21 Mar 2006 12:43:22 -0000 -------------------------- Patching file contrib/sendmail/src/srvrsmtp.c using Plan A... Hunk #1 succeeded at 503. Hunk #2 succeeded at 1692. Hunk #3 succeeded at 1726. Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/usersmtp.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/usersmtp.c,v |retrieving revision 1.1.1.18 |diff -u -I__FBSDID -r1.1.1.18 usersmtp.c |--- contrib/sendmail/src/usersmtp.c 1 Aug 2004 01:04:36 -0000 1.1.1.18 |+++ contrib/sendmail/src/usersmtp.c 21 Mar 2006 12:43:23 -0000 -------------------------- Patching file contrib/sendmail/src/usersmtp.c using Plan A... Hunk #1 failed at 19. Hunk #2 succeeded at 2492. Hunk #3 succeeded at 2627 (offset 14 lines). Hunk #4 succeeded at 2650 (offset 14 lines). Hunk #5 succeeded at 2696 (offset 14 lines). Hunk #6 failed at 2748. 2 out of 6 hunks failed--saving rejects to contrib/sendmail/src/usersmtp.c.rej Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -------------------------- |Index: contrib/sendmail/src/util.c |==================================================================|RCS file: /home/ncvs/src/contrib/sendmail/src/util.c,v |retrieving revision 1.1.1.17 |diff -u -I__FBSDID -r1.1.1.17 util.c |--- contrib/sendmail/src/util.c 1 Aug 2004 01:04:36 -0000 1.1.1.17 |+++ contrib/sendmail/src/util.c 21 Mar 2006 12:43:24 -0000 -------------------------- Patching file contrib/sendmail/src/util.c using Plan A... Hunk #1 succeeded at 456 (offset 1 line). Hunk #2 succeeded at 972 (offset 1 line). Hunk #3 succeeded at 1002 (offset 1 line). Hunk #4 succeeded at 1060 (offset 1 line). Hunk #5 succeeded at 1072 (offset 1 line). Hunk #6 succeeded at 1083 (offset 1 line). Hunk #7 succeeded at 1103 (offset 1 line). Hunk #8 succeeded at 1126 (offset 1 line). Hunk #9 succeeded at 1141 (offset 1 line). Hunk #10 succeeded at 1161 (offset 1 line). Hunk #11 succeeded at 1171 (offset 1 line). Hunk #12 succeeded at 1182 (offset 1 line). Hunk #13 succeeded at 1193 (offset 1 line). Hunk #14 succeeded at 2402 (offset 1 line). done exit Script done on Thu Mar 23 15:30:43 2006
Oleg Khomichenko wrote:> 15:33 [p2]root@alfa:/usr/src>uname -a > FreeBSD xxxx.xxxxxxx.xxxxxx 4.11-STABLE FreeBSD 4.11-STABLE #1: Mon > Apr 11 18:42:41 EEST 2005 > xxxx@xxxx.xxxxxxx.xxx.xx:/usr/obj/usr/src/sys/ALFA i386 > > 15:36 [p2]root@alfa:/usr/src>sendmail -d0.1 > Version 8.13.3 > > When I try to check patch (patch -C), I receive many "Hunk #n failed > at nn." see below.Try using sendmail.patch instead of sendmail411.patch. Colin Percival
At 08:57 AM 23/03/2006, Oleg Khomichenko wrote:>============================================================================> > Announced: 2006-03-22 > > Affects: All FreeBSD releases. > > >15:33 [p2]root@alfa:/usr/src>uname -a >FreeBSD xxxx.xxxxxxx.xxxxxx 4.11-STABLE FreeBSD 4.11-STABLE #1: Mon >Apr 11 18:42:41 EEST 2005 >xxxx@xxxx.xxxxxxx.xxx.xx:/usr/obj/usr/src/sys/ALFA i386For RELENG_4, I used the same patch that is used on RELENG_5 and RELENG_6. ie ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch and it seems to apply cleanly and work. ---Mike