Accepted sendmail 8.14.1-7ubuntu1 (source)
Michele Angrisano
micheleangrisano at ubuntu.com
Tue Jul 3 03:20:20 BST 2007
Accepted:
OK: sendmail_8.14.1.orig.tar.gz
OK: sendmail_8.14.1-7ubuntu1.diff.gz
OK: sendmail_8.14.1-7ubuntu1.dsc
-> Component: universe Section: mail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 2 Jul 2007 16:26:44 +0200
Source: sendmail
Binary: libmilter-dev libmilter1-dbg rmail libmilter1 sendmail sendmail-doc sendmail-cf sensible-mda sendmail-base sendmail-bin
Architecture: source
Version: 8.14.1-7ubuntu1
Distribution: gutsy
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Michele Angrisano <micheleangrisano at ubuntu.com>
Description:
libmilter-dev - Sendmail Mail Filter API (Milter)
libmilter1 - Sendmail Mail Filter API (Milter)
libmilter1-dbg - Sendmail Mail Filter API (Milter)
rmail - MTA->UUCP remote mail handler
sendmail - powerful, efficient, and scalable Mail Transport Agent
sendmail-base - powerful, efficient, and scalable Mail Transport Agent
sendmail-bin - powerful, efficient, and scalable Mail Transport Agent
sendmail-cf - powerful, efficient, and scalable Mail Transport Agent
sendmail-doc - powerful, efficient, and scalable Mail Transport Agent
sensible-mda - Mail Delivery Agent wrapper
Closes: 430405
Changes:
sendmail (8.14.1-7ubuntu1) gutsy; urgency=low
.
* Merge from Debian unstable, remaining changes:
- Wrong emphasis in update_tls.in
- Update maintainer in field debian/control.
.
sendmail (8.14.1-7) unstable; urgency=low
.
* buildd's do not honour Build-Depends-Indep:, so replicate that
information on the Build-Depends line to solve FTBFS Closes: #430405
.
sendmail (8.14.1-6) unstable; urgency=low
.
* The `ironclad or die` release, using newer gcc/binutils
features to further reduce the exploit footprint of an
application. Thanks to Marc-Christian Petersen
Read more about all that good stuff at:
http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml#RELRO
.
* Create an ELF "PT_GNU_RELRO" segment header in the object.
Or in other words: built with "-z relro"
.
* When generating an executable or shared library, mark it to tell
the dynamic linker to resolve all symbols when the program is
started, or when the shared library is linked to using dlopen,
instead of deferring function call resolution to the point when
the function is first called.
Or in other words: built with "-z now"
.
* Emit extra code to check for buffer overflows, such as stack
smashing attacks. This is done by adding a guard variable to
functions with vulnerable objects. This includes functions
that call alloca, and functions with buffers larger than 8
bytes. The guards are initialized when a function is entered
and then checked when the function exits. If a guard check
fails, an error message is printed and the program exits.
Or in other words: built with "-fstack-protector-all"
.
* Compiled as PIE (Position Independant Executable)
This assists PAX enabled kernels, with ASLR, and is also needed
for GRSecurity. Even with stock kernels, this makes the memory
mapping less static, hindering attacks.
.
sendmail (8.14.1-5) private; urgency=low
.
* DH_COMPAT = 5
.
* Tweak LSB setup of /etc/init.d/sendmail such that stop/start
when DAEMON_MODE=None is not an error
.
* Clean up rules file abit, more to go (I love deleting suff)
+ drop sm_conf/sm_conf_opt from debian/rules
+ drop old private copy of dbs and use cdbs (not cleanly)
+ drop support of older sendmail versions (8.8.8+)
+ drop support for building on older debian versions (slink+)
+ drop split debian directory kluge
+ drop smX support - it requires a complete revamp
.
* Things are still complicated by upstream not using autoconf/makefile
builds, but I have used them in support - much of that work remains and
will not be removed in the near term
.
* Add alternative build-depend for linux-libc-dev (which will depcrecate
linux-kernel-headers)
Files:
25b9edb524b64e0b025d14a8ebc0551c 1103 mail extra sendmail_8.14.1-7ubuntu1.dsc
7834ac9c29db2d3303bdd81b54bad056 359855 mail extra sendmail_8.14.1-7ubuntu1.diff.gz
Original-Maintainer: Richard A Nelson (Rick) <cowboy at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGiazz58vd3QD9QFcRAnTBAKC6aNlbhofsvxhJaFzZKhoRCzD8jwCgrn38
z7r25gSIA9iqfMVuQnN80vA=
=6j3B
-----END PGP SIGNATURE-----
More information about the gutsy-changes
mailing list