OSF-AXP OSFSENDMAIL_E01032 DEC OSF/1 V2.0 - V3.2 sendmail ECO Summary
Copyright (c) Digital Equipment Corporation 1995.
All rights reserved.
OP/SYS: DEC OSF/1 Versions 2.0, 3.0, 3.0B, 3.2
COMPONENT: sendmail Version 5.65
SOURCE: Digital Equipment Corporation
ECO INFORMATION:
ECO Kit Name: OSFSENDMAIL_E01032
ECO Kits Superseded by This ECO Kit: none
ECO Kit Approximate Size: 860160 bytes
System Reboot Necessary: No
ECO KIT SUMMARY:
An ECO kit exists for sendmail on DEC OSF/1 V2.0, V3.0, V3.0B, and V3.2.
This kit addresses the following problems:
o A potential security vulnerability has been discovered where
under certain circumstances authorized users may gain unauthorized
privileges. This patch fixes cert # 0295.
o sendmail would get a segmentation violation if it received
an address that was not in compliance with RFC822. It has been
fixed to reject the bad address.
o sendmail is currently shipped with fuzzy-name matching enabled and
with no convenient way to disable it. This patch provides for the
enabling/disabling of fuzzy-name matching.
Files on this server are as follows:
osfsendmail_e01032_sendmail.README
osfsendmail_e01032.CHKSUM
osfsendmail_e01032.tar
|