Accepted sendmail 8.14.1-7ubuntu1 (source)

Michele Angrisano micheleangrisano at ubuntu.com
Tue Jul 3 03:20:20 BST 2007 

Accepted:
 OK: sendmail_8.14.1.orig.tar.gz
 OK: sendmail_8.14.1-7ubuntu1.diff.gz
 OK: sendmail_8.14.1-7ubuntu1.dsc
     -> Component: universe Section: mail

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  2 Jul 2007 16:26:44 +0200
Source: sendmail
Binary: libmilter-dev libmilter1-dbg rmail libmilter1 sendmail sendmail-doc sendmail-cf sensible-mda sendmail-base sendmail-bin
Architecture: source
Version: 8.14.1-7ubuntu1
Distribution: gutsy
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Michele Angrisano <micheleangrisano at ubuntu.com>
Description: 
 libmilter-dev - Sendmail Mail Filter API (Milter)
 libmilter1 - Sendmail Mail Filter API (Milter)
 libmilter1-dbg - Sendmail Mail Filter API (Milter)
 rmail      - MTA->UUCP remote mail handler
 sendmail   - powerful, efficient, and scalable Mail Transport Agent
 sendmail-base - powerful, efficient, and scalable Mail Transport Agent
 sendmail-bin - powerful, efficient, and scalable Mail Transport Agent
 sendmail-cf - powerful, efficient, and scalable Mail Transport Agent
 sendmail-doc - powerful, efficient, and scalable Mail Transport Agent
 sensible-mda - Mail Delivery Agent wrapper
Closes: 430405
Changes: 
 sendmail (8.14.1-7ubuntu1) gutsy; urgency=low
 .
   * Merge from Debian unstable, remaining changes:
     - Wrong emphasis in update_tls.in
     - Update maintainer in field debian/control.
 .
 sendmail (8.14.1-7) unstable; urgency=low
 .
   * buildd's do not honour Build-Depends-Indep:, so replicate that
     information on the Build-Depends line to solve FTBFS  Closes: #430405
 .
 sendmail (8.14.1-6) unstable; urgency=low
 .
   * The `ironclad or die` release, using newer gcc/binutils
     features to further reduce the exploit footprint of an
     application.   Thanks to Marc-Christian Petersen
     Read more about all that good stuff at:
     http://www.gentoo.org/proj/en/hardened/hardened-toolchain.xml#RELRO
 .
   * Create an ELF "PT_GNU_RELRO" segment header in the object.
     Or in other words: built with "-z relro"
 .
   * When generating an executable or shared library, mark it to tell
     the dynamic linker to resolve all symbols when the program is
     started, or when the shared library is linked to using dlopen,
     instead of deferring function call resolution to the point when
     the function is first called.
     Or in other words: built with "-z now"
 .
   * Emit extra code to check for buffer overflows, such as stack
     smashing attacks. This is done by adding a guard variable to
     functions with vulnerable objects. This includes functions
     that call alloca, and functions with buffers larger than 8
     bytes. The guards are initialized when a function is entered
     and then checked when the function exits.  If a guard check
     fails, an error message is printed and the program exits.
     Or in other words: built with "-fstack-protector-all"
 .
   * Compiled as PIE (Position Independant Executable)
     This assists PAX enabled kernels, with ASLR, and is also needed
     for GRSecurity.  Even with stock kernels, this makes the memory
     mapping less static, hindering attacks.
 .
 sendmail (8.14.1-5) private; urgency=low
 .
   * DH_COMPAT = 5
 .
   * Tweak LSB setup of /etc/init.d/sendmail such that stop/start
     when DAEMON_MODE=None is not an error
 .
   * Clean up rules file abit, more to go (I love deleting suff)
     + drop sm_conf/sm_conf_opt from debian/rules
     + drop old private copy of dbs and use cdbs (not cleanly)
     + drop support of older sendmail versions (8.8.8+)
     + drop support for building on older debian versions (slink+)
     + drop split debian directory kluge
     + drop smX support - it requires a complete revamp
 .
   * Things are still complicated by upstream not using autoconf/makefile
     builds, but I have used them in support - much of that work remains and
     will not be removed in the near term
 .
   * Add alternative build-depend for linux-libc-dev (which will depcrecate
     linux-kernel-headers)
Files: 
 25b9edb524b64e0b025d14a8ebc0551c 1103 mail extra sendmail_8.14.1-7ubuntu1.dsc
 7834ac9c29db2d3303bdd81b54bad056 359855 mail extra sendmail_8.14.1-7ubuntu1.diff.gz
Original-Maintainer: Richard A Nelson (Rick) <cowboy at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGiazz58vd3QD9QFcRAnTBAKC6aNlbhofsvxhJaFzZKhoRCzD8jwCgrn38
z7r25gSIA9iqfMVuQnN80vA=
=6j3B
-----END PGP SIGNATURE-----

More information about the gutsy-changes mailing list