*** RELEASE_NOTES.OLD Sat Jan 20 16:05:41 1996
--- RELEASE_NOTES Thu Jan 25 11:16:20 1996
***************
*** 1,9 ****
SENDMAIL RELEASE NOTES
! @(#)RELEASE_NOTES 8.6.12.1 (Berkeley) 3/28/95
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
8.6.12/8.6.12 95/03/28
Fix to IDENT code (it was getting the size of the reply buffer
--- 1,16 ----
SENDMAIL RELEASE NOTES
! @(#)RELEASE_NOTES 8.6.13.1 (Berkeley) 1/25/96
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
+
+ 8.6.13/8.6.12 95/01/25
+ SECURITY: In some cases it was still possible for an attacker to
+ insert newlines into a queue file, thus allowing access to
+ any user (except root).
+ CONFIG: no changes -- it is not a bug that the configuration
+ version number is unchanged.
8.6.12/8.6.12 95/03/28
Fix to IDENT code (it was getting the size of the reply buffer
*** src/headers.c.OLD Thu Feb 9 12:21:58 1995
--- src/headers.c Mon Feb 5 21:30:07 1996
***************
*** 33,39 ****
*/
#ifndef lint
! static char sccsid[] = "@(#)headers.c 8.32 (Berkeley) 4/14/94";
#endif /* not lint */
# include <errno.h>
--- 33,39 ----
*/
#ifndef lint
! static char sccsid[] = "@(#)headers.c 8.32.1.3 (Berkeley) 2/5/96";
#endif /* not lint */
# include <errno.h>
***************
*** 995,1012 ****
{
/* vanilla header line */
register char *nlp;
! (void) sprintf(obuf, "%s: ", h->h_field);
while ((nlp = strchr(p, '\n')) != NULL)
{
*nlp = '\0';
! (void) strcat(obuf, p);
*nlp = '\n';
putline(obuf, mci);
p = ++nlp;
! obuf[0] = '\0';
}
! (void) strcat(obuf, p);
putline(obuf, mci);
}
}
--- 995,1017 ----
{
/* vanilla header line */
register char *nlp;
+ register char *obp;
! (void) sprintf(obuf, "%.200s: ", h->h_field);
! obp = obuf + strlen(obuf);
while ((nlp = strchr(p, '\n')) != NULL)
{
*nlp = '\0';
! sprintf(obp, "%.*s",
! sizeof obuf - (obp - obuf) - 1, p);
*nlp = '\n';
putline(obuf, mci);
p = ++nlp;
! obp = obuf;
! if (*p != ' ' && *p != '\t')
! *obp++ = ' ';
}
! sprintf(obp, "%.*s", sizeof obuf - (obp - obuf) - 1, p);
putline(obuf, mci);
}
}
***************
*** 1152,1158 ****
firstone = FALSE;
*p = savechar;
}
! (void) strcpy(obp, "\n");
putline(obuf, mci);
}
�/*
--- 1157,1163 ----
firstone = FALSE;
*p = savechar;
}
! *obp = '\0';
putline(obuf, mci);
}
�/*
*** src/queue.c.OLD Sun Mar 5 10:10:26 1995
--- src/queue.c Thu Jan 25 11:10:28 1996
***************
*** 36,44 ****
#ifndef lint
#ifdef QUEUE
! static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (with queueing)";
#else
! static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (without queueing)";
#endif
#endif /* not lint */
--- 36,44 ----
#ifndef lint
#ifdef QUEUE
! static char sccsid[] = "@(#)queue.c 8.41.1.4 (Berkeley) 1/25/96 (with queueing)";
#else
! static char sccsid[] = "@(#)queue.c 8.41.1.4 (Berkeley) 1/25/96 (without queueing)";
#endif
#endif /* not lint */
***************
*** 205,211 ****
/* output type and name of data file */
if (e->e_bodytype != NULL)
! fprintf(tfp, "B%s\n", e->e_bodytype);
fprintf(tfp, "D%s\n", e->e_df);
/* message from envelope, if it exists */
--- 205,211 ----
/* output type and name of data file */
if (e->e_bodytype != NULL)
! fprintf(tfp, "B%s\n", denlstring(e->e_bodytype, TRUE, FALSE));
fprintf(tfp, "D%s\n", e->e_df);
/* message from envelope, if it exists */
***************
*** 325,331 ****
/* output the header: expand macros, convert addresses */
if (bitset(H_DEFAULT, h->h_flags))
{
! fprintf(tfp, "%s: %s\n", h->h_field, buf);
}
else if (bitset(H_FROM|H_RCPT, h->h_flags))
{
--- 325,333 ----
/* output the header: expand macros, convert addresses */
if (bitset(H_DEFAULT, h->h_flags))
{
! fprintf(tfp, "%s: %s\n",
! h->h_field,
! denlstring(buf, FALSE, TRUE));
}
else if (bitset(H_FROM|H_RCPT, h->h_flags))
{
***************
*** 342,348 ****
TrafficLogFile = savetrace;
}
else
! fprintf(tfp, "%s: %s\n", h->h_field, h->h_value);
}
/*
--- 344,354 ----
TrafficLogFile = savetrace;
}
else
! {
! fprintf(tfp, "%s: %s\n",
! h->h_field,
! denlstring(h->h_value, FALSE, TRUE));
! }
}
/*
*** src/util.c.OLD Sun Mar 5 10:10:24 1995
--- src/util.c Thu Feb 8 09:27:40 1996
***************
*** 33,39 ****
*/
#ifndef lint
! static char sccsid[] = "@(#)util.c 8.39.1.5 (Berkeley) 3/5/95";
#endif /* not lint */
# include "sendmail.h"
--- 33,39 ----
*/
#ifndef lint
! static char sccsid[] = "@(#)util.c 8.39.1.7 (Berkeley) 2/8/96";
#endif /* not lint */
# include "sendmail.h"
***************
*** 760,766 ****
(void) putc(*l, mci->mci_out);
fputs(mci->mci_mailer->m_eol, mci->mci_out);
if (*l == '\n')
! ++l;
} while (l[0] != '\0');
}
�/*
--- 760,773 ----
(void) putc(*l, mci->mci_out);
fputs(mci->mci_mailer->m_eol, mci->mci_out);
if (*l == '\n')
! {
! if (*++l != ' ' && *l != '\t' && *l != '\0')
! {
! (void) putc(' ', mci->mci_out);
! if (TrafficLogFile != NULL)
! (void) putc(' ', TrafficLogFile);
! }
! }
} while (l[0] != '\0');
}
�/*
*** src/version.c.OLD Tue Mar 28 18:27:07 1995
--- src/version.c Thu Jan 25 10:57:56 1996
***************
*** 33,39 ****
*/
#ifndef lint
! static char sccsid[] = "@(#)version.c 8.6.12.1 (Berkeley) 3/28/95";
#endif /* not lint */
! char Version[] = "8.6.12";
--- 33,39 ----
*/
#ifndef lint
! static char sccsid[] = "@(#)version.c 8.6.13.1 (Berkeley) 1/25/96";
#endif /* not lint */
! char Version[] = "8.6.13";