Patch-ID# 101782-02
Keywords: security sendmail vacation BIND 4.9.3 libresolv.so.2 mx mailcompat
Synopsis: SunOS 5.3: sendmail patch - security
Date: Nov/24/97

Solaris Release: 2.3

SunOS Release: 5.3

Unbundled Product:

Unbundled Release:

Topic: SunOS 5.3: sendmail patch - security

BugId's fixed with this patch:
        1031899 1097962 1138851 1138867 1139292 1141553 1142358 1142840,
        1145035 1147498 1149201 1151181 1152199 1153276 1153954 1160505
        1163133 1163747 1164771 1166330 1167823 1171241 1175514 1176905
        1181365 1184012 1189574 1191075 1192880 1193564 1194262 1194643
        1196392 1196394 1196727 1197254 1197255 1206222 1206233 1213618
        1214897 1215086 1217009 1219169 1222105 1222168 1222457 1232712
        1239516 1241168 1242930 1244027 1249090 1252530 1252675 1253584
        1258420 1261561 1265313 1267313 4008983 4011634 4015151 4017798
        4018487 4018511 4022409 4027534 4030794 4034927 4035001 4037078
        4069756 4072035

Changes incorporated in this version: 4072035

Relevant Architectures: sparc

Patches accumulated and obsoleted by this patch: 101371-04 101739-18

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

        /usr/bin/vacation
        /etc/mail/main.cf
        /etc/mail/sendmail.cf
        /etc/mail/subsidiary.cf
        /usr/bin/aliasadm
        /usr/bin/mailcompat
        /usr/bin/mailstats
        /usr/bin/vacation
        /usr/lib/sendmail
        /usr/lib/sendmail.mx

Problem Description:

4072035 Security hole in vacation program.

(from 101782-01)

1166330 sendmail security problem with vacation program
        sendmail security problem with vacation program

(from 101739-18)

4034927 sendmail in bs mode doesn't work with -or option
4035001 sendmail can't create file
4037078 sendmail sends email to the mailhost instead of sending it directly
4022409 sendmail dumps core after rewriting the ruleset 0
4027534 V0-V5 options cause sendmail alias rebuild to fail.
1265313 sendmail v8 dumps core with alias include file owned by unknown user
1261561 getmxrr: res_search (eng) failed with impossible h_errno (-1)
4015151 sendmail fails to use scanf for 'F' command in sendmail.cf
1241168 Race condition exists
1252675 sendmail will match on comments in the hosts file
1242930 sendmail displays multiple dbm put error messages
1258420 sendmail does not quote nis+ special characters in mail alias expansion
1249090 sendmail V8 coredumps while delivering from mail queue to HP openmail
4069756 "cannot bind to NIS domain" should not be a fatal error

(from 101739-17)

4018511 Security bug: Sendmail Group Permissions Vulnerability
4030794 sendmail gets From: field wrong
4017798 Sendmail in bs mode ignores the Orident option

(from 101739-16)

4018487 Security Bug: Sendmail Treats The w Option As Safe

(from 101739-15)

1267313 sendmail security bug - Sendmail CERT advisory 96.20
4011634 a user can redirect messages to unqualified domain names

(from 101739-14)

4008983 5.3 and 5.4 sendmail Makefiles do not rebuild sendmail.mx

(from 101739-13)

1252530 bad patch 101739-11 102066-09 102980-04 causes make aliases to fail

(from 101739-12)

1253584 Sendmail source update and rebuild for BIND 4.9.3

(from 101739-11)

1244027 NIS mail.aliases DBM map built from v8 sendmail breaks v5 sendmail clients

(from 101739-10)

1239516 sendmail should check gethostbyaddr return values

(from 101739-09)

1232712 sendmail in Sol 2.5 doesn't works with dns

(from 101739-08)

1181365 sendmail crash segv segment violation core dump on mixed case mx records
1189574 sendmail "M" option has potential security hole
1097962 aliasadm -e fails & gives memory fault when used with a large nis+ alias table.
1171241 Sendmail cannot handle quoted characters in full name
1031899 8 bit chars are not recognized when used with '|' aliases
1138851 get returned mail if use chinese characters in an alias
1163133 $%x in sendmail.cf actually does nothing - please fix or remove from sendmail.c
1138867 mail load balancing and auto failed over
1139292 If a local alias is present and "findable", sendmail still insists on using NIS
1175514 nsswitch aliases causes problem for sendmail
1141553 Non-standard NIS+ tables don't work in sendmail rule matching
1176905 In Solaris 2.3, "%l" doesn't correctly arrange for a fully qualified local name
1184012 aliasadm -e coredumps
1194643 sendmail issues bogus warning security warning when newline in header field see 1191075 sendmail security bug
1193564 trashed buf in sendmail caused mail bouncing problem
1192880 IDENT protocol should be turned of in v1/sun mode for compatibility
1167823 Sendmail incorrectly reporting mail spool on cachefs
1194262 sendmail reverse alias is breaking
1196727 Remote mode doesn't route on NFS mounted spool directory.
1197255 495 sendmail version was not set correctly
1197254 default domain is not handle correctly in 495 sendmail
1206222 nisplus_getcanonname() should remove the reference to $P in 495 v8 sendmail
1206233 495 sendmail's short address conversion routine could misidentified the domain
1213618 MaxHopCount in 495 sendmail diffs from the max hop count in old V5 sendmail
1215086 UUCP address format system error msg printed while running V8, but not in V5
1214897 X86: build27 sendmail causes gethostbyaddr() error
1219169 NIS+ only reverse aliasing does not work with sendmail V8
1222105 mconnect prints wrong port on little-endian machines
1222457 sendmail coredumps when .forwarded to file on PowerPC
1217009 pkgadd hangs on sendmail -oi on nis+ server with sendmail POINT PATCH installed
1222168 sendmail -bs -or10s returns 0 (successful termination) when timeout occurs
1196394 incompatibility in openxscript() between the file open and stdio mode
1196392 Password entries without any shell listed (a NULL shell) wouldn't be ok in v8

(from 101739-07)

1191075 sendmail security bug

(from 101739-06)

1189574 sendmail "M" option has potential security hole

(from 101739-05)

1153954 Unknown user in aliases kills an entire list
        Unknown user in aliases database prevents sendmail from
        delivering mail to other user on the same alias.

(from 101739-04)

1147498 The time zone field shown in header Date is computed wrong.
        The time zone field shown in header Date is computed wrong.
        "-0700", instead of "+0800", should be shown in this test case.
        The time zone field should be computed relative to GMT.

(from 101739-03)

1142358 sendmail.mx will connect to itself when it is a mx for other hosts
        sendmail.mx will connect to itself when it is a mx for other hosts

(from 101739-02)

1164771 SMTP connection caching - sunos daemon bounces or defers messages
        SMTP connection caching - sunos daemon bounces or defers messages

(from 101739-01)

1163747 Unbundling of sendmail from patch 101318

        *** Do not install patches 101318-35 through 101318-42 without
        *** reading the special install instructions below.

(from 101318-38)

1160505 sendmail dumps core when handed a debug flag larger than the max int.

(from 101318-35)

1153276 sendmail can't rebuild huge aliases file
        This fix requires a libc fix (bugid 1155803) from patch
        101318-43 or later. If you have revisions 101318-35 through
        101318-42 of the kernel/libc patch, please refer to the
        special install instructions below.

(from 101371-04)

1149201 wrong header information appears on e-mail heading on a sporadic basis
        wrong header information appears on e-mail heading on a sporadic basis

(from 101371-03)

1151181 sendmail security
1152199 sendmail .forward capability can bypass read permissions
        Two more security holes were reported since the last security
        patch was issued. The hole allows unauthorized access to
        (system) files via e-mail. This patch fixes bug 1152199 and
        also provides an improved fix for 1151181.

(from 101371-02)

1151181 sendmail security

(from 101371-01)

1142840 Sendmail ignores $HOME parameter in .forward file
1145035: sendmail can not deliver to dead.letter file

Patch Installation Instructions:
--------------------------------
Refer to the Install.info file within the patch for instructions on
using the generic 'installpatch' and 'backoutpatch' scripts provided
with each patch. Any other special or non-generic installation
instructions should be described below.

Special Install Instructions:
-----------------------------
Halt sendmail prior to installation with "/etc/init.d/sendmail stop".
Restart sendmail after successful installation with
"/etc/init.d/sendmail start".

NOTE: Patches 101318-35 through 101318-42 should not be installed
      after patch 101739 is installed. Sun recommends that 101318-43
      or later be installed instead. If you must install patches
      101318-35 through 101318-42, they MUST be installed prior to
      the installation of 101739 and NEVER be installed after 101739.
      Doing so would backout all sendmail fixes that occurred after
      101371-04.

This patch requires the sparc libresolv.so.2/BIND 4.9.3 patch,
101359-02, or greater, to be installed on the target system.

It is also recommended to install the following patches or later revs:

        102167-03  nss_dns.so.1 rebuild for BIND 4.9.3
        103705-01  rpc.nisd_resolv rebuild for BIND 4.9.3

Refer to the file called SPECIAL_NOTE_SENDMAIL shipped with this patch
for more instructions.
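
The patch-level requirements above can be checked before installation. The script below is an added example, not part of the Sun patch or its scripts. It assumes the installed patch IDs are supplied one per line as BASE-REV; the function names, finding labels and sample list are hypothetical.

```shell
#!/bin/sh
# Added example: compare installed patch levels with the revisions this
# README names. Input is a list of patch IDs, one BASE-REV per line.

# Constructed sample of an installed-patch list (not from a real system).
SAMPLE_INSTALLED='101359-01
101318-38
102167-03'

# Print the highest installed revision of patch base $1 found on stdin.
max_rev() {
    awk -F- -v base="$1" '
        $1 == base { r = $2 + 0; if (!seen || r > max) max = r; seen = 1 }
        END { if (seen) print max }'
}

# need LIST BASE MINREV LABEL: print a finding unless BASE is at MINREV or later.
need() {
    rev=$(printf '%s\n' "$1" | max_rev "$2")
    if [ -z "$rev" ]; then
        printf '%s: %s not installed (need -%02d or later)\n' "$4" "$2" "$3"
    elif [ "$rev" -lt "$3" ]; then
        printf '%s: %s-%02d installed (need -%02d or later)\n' "$4" "$2" "$rev" "$3"
    fi
}

# Revisions are taken from the README text; the labels are hypothetical.
check_prereqs() {
    need "$1" 101359 2  REQUIRED      # libresolv.so.2 / BIND 4.9.3 patch
    need "$1" 101318 43 FIX-1153276   # libc fix needed by the alias rebuild fix
    need "$1" 102167 3  RECOMMENDED   # nss_dns.so.1 rebuild for BIND 4.9.3
    need "$1" 103705 1  RECOMMENDED   # rpc.nisd_resolv rebuild for BIND 4.9.3
}

check_prereqs "$SAMPLE_INSTALLED"
```

A 101318 revision of 35 through 42 is reported under FIX-1153276; per the NOTE above, such a revision must never be installed after 101739.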