*** RELEASE_NOTES.OLD Sat Jan 20 16:05:41 1996 --- RELEASE_NOTES Thu Jan 25 11:16:20 1996 *************** *** 1,9 **** SENDMAIL RELEASE NOTES ! @(#)RELEASE_NOTES 8.6.12.1 (Berkeley) 3/28/95 This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. 8.6.12/8.6.12 95/03/28 Fix to IDENT code (it was getting the size of the reply buffer --- 1,16 ---- SENDMAIL RELEASE NOTES ! @(#)RELEASE_NOTES 8.6.13.1 (Berkeley) 1/25/96 This listing shows the version of the sendmail binary, the version of the sendmail configuration files, the date of release, and a summary of the changes in that release. + + 8.6.13/8.6.12 95/01/25 + SECURITY: In some cases it was still possible for an attacker to + insert newlines into a queue file, thus allowing access to + any user (except root). + CONFIG: no changes -- it is not a bug that the configuration + version number is unchanged. 8.6.12/8.6.12 95/03/28 Fix to IDENT code (it was getting the size of the reply buffer *** src/headers.c.OLD Thu Feb 9 12:21:58 1995 --- src/headers.c Mon Feb 5 21:30:07 1996 *************** *** 33,39 **** */ #ifndef lint ! static char sccsid[] = "@(#)headers.c 8.32 (Berkeley) 4/14/94"; #endif /* not lint */ # include --- 33,39 ---- */ #ifndef lint ! static char sccsid[] = "@(#)headers.c 8.32.1.3 (Berkeley) 2/5/96"; #endif /* not lint */ # include *************** *** 995,1012 **** { /* vanilla header line */ register char *nlp; ! (void) sprintf(obuf, "%s: ", h->h_field); while ((nlp = strchr(p, '\n')) != NULL) { *nlp = '\0'; ! (void) strcat(obuf, p); *nlp = '\n'; putline(obuf, mci); p = ++nlp; ! obuf[0] = '\0'; } ! (void) strcat(obuf, p); putline(obuf, mci); } } --- 995,1017 ---- { /* vanilla header line */ register char *nlp; + register char *obp; ! (void) sprintf(obuf, "%.200s: ", h->h_field); ! obp = obuf + strlen(obuf); while ((nlp = strchr(p, '\n')) != NULL) { *nlp = '\0'; ! sprintf(obp, "%.*s", ! 
sizeof obuf - (obp - obuf) - 1, p); *nlp = '\n'; putline(obuf, mci); p = ++nlp; ! obp = obuf; ! if (*p != ' ' && *p != '\t') ! *obp++ = ' '; } ! sprintf(obp, "%.*s", sizeof obuf - (obp - obuf) - 1, p); putline(obuf, mci); } } *************** *** 1152,1158 **** firstone = FALSE; *p = savechar; } ! (void) strcpy(obp, "\n"); putline(obuf, mci); } /* --- 1157,1163 ---- firstone = FALSE; *p = savechar; } ! *obp = '\0'; putline(obuf, mci); } /* *** src/queue.c.OLD Sun Mar 5 10:10:26 1995 --- src/queue.c Thu Jan 25 11:10:28 1996 *************** *** 36,44 **** #ifndef lint #ifdef QUEUE ! static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (with queueing)"; #else ! static char sccsid[] = "@(#)queue.c 8.41.1.3 (Berkeley) 3/5/95 (without queueing)"; #endif #endif /* not lint */ --- 36,44 ---- #ifndef lint #ifdef QUEUE ! static char sccsid[] = "@(#)queue.c 8.41.1.4 (Berkeley) 1/25/96 (with queueing)"; #else ! static char sccsid[] = "@(#)queue.c 8.41.1.4 (Berkeley) 1/25/96 (without queueing)"; #endif #endif /* not lint */ *************** *** 205,211 **** /* output type and name of data file */ if (e->e_bodytype != NULL) ! fprintf(tfp, "B%s\n", e->e_bodytype); fprintf(tfp, "D%s\n", e->e_df); /* message from envelope, if it exists */ --- 205,211 ---- /* output type and name of data file */ if (e->e_bodytype != NULL) ! fprintf(tfp, "B%s\n", denlstring(e->e_bodytype, TRUE, FALSE)); fprintf(tfp, "D%s\n", e->e_df); /* message from envelope, if it exists */ *************** *** 325,331 **** /* output the header: expand macros, convert addresses */ if (bitset(H_DEFAULT, h->h_flags)) { ! fprintf(tfp, "%s: %s\n", h->h_field, buf); } else if (bitset(H_FROM|H_RCPT, h->h_flags)) { --- 325,333 ---- /* output the header: expand macros, convert addresses */ if (bitset(H_DEFAULT, h->h_flags)) { ! fprintf(tfp, "%s: %s\n", ! h->h_field, ! denlstring(buf, FALSE, TRUE)); } else if (bitset(H_FROM|H_RCPT, h->h_flags)) { *************** *** 342,348 **** TrafficLogFile = savetrace; } else ! 
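Review bot: In the src/headers.c hunk at 995–1017, both new `sprintf(obp, "%.*s", sizeof obuf - (obp - obuf) - 1, p)` calls pass a `sizeof`-derived expression as the `*` precision, which printf reads as an `int`. On a platform where `size_t` is wider than `int` that mismatch is undefined behaviour, and the truncation bound may not be the one intended. Casting the argument, `(int) (sizeof obuf - (obp - obuf) - 1)`, keeps the bound portable. The first call, `sprintf(obuf, "%.200s: ", h->h_field)`, also relies on `obuf` holding more than 203 bytes; its declaration is outside the hunk, so that assumption is worth confirming and stating in a comment.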
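Review bot: In the src/queue.c hunk at 205–211 only the `B` record is filtered; the `D` record on the following line still writes `e->e_df` with a bare `%s`. Each queue-file record is a single line, so any field that could carry a newline needs the same treatment. If `e_df` is always generated locally it is exempt, but the hunk does not show that, and a comment saying so would make the omission deliberate. The flags used here (`TRUE, FALSE`) also differ from the `FALSE, TRUE` passed for header values later in this file, and denlstring's definition is not part of this patch, so a brief comment at each call site on what the two flags select would help the next reader.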
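Review bot: In the src/queue.c hunks at 325–333 and 344–354 the header value goes through denlstring(), but `h->h_field` is still written to the queue file with a bare `%s`. The headers.c change in this same patch bounds that field with `%.200s`, which suggests it is not treated as fully trusted. Either reject or filter a field name containing a newline before these writes, or add a comment stating that the header parser (outside this patch) guarantees none can occur. If the filtering route is taken, check whether denlstring() returns a shared static buffer, since its definition is not shown here; if it does, two results cannot be passed to the same `fprintf` call.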
fprintf(tfp, "%s: %s\n", h->h_field, h->h_value); } /* --- 344,354 ---- TrafficLogFile = savetrace; } else ! { ! fprintf(tfp, "%s: %s\n", ! h->h_field, ! denlstring(h->h_value, FALSE, TRUE)); ! } } /* *** src/util.c.OLD Sun Mar 5 10:10:24 1995 --- src/util.c Thu Feb 8 09:27:40 1996 *************** *** 33,39 **** */ #ifndef lint ! static char sccsid[] = "@(#)util.c 8.39.1.5 (Berkeley) 3/5/95"; #endif /* not lint */ # include "sendmail.h" --- 33,39 ---- */ #ifndef lint ! static char sccsid[] = "@(#)util.c 8.39.1.7 (Berkeley) 2/8/96"; #endif /* not lint */ # include "sendmail.h" *************** *** 760,766 **** (void) putc(*l, mci->mci_out); fputs(mci->mci_mailer->m_eol, mci->mci_out); if (*l == '\n') ! ++l; } while (l[0] != '\0'); } /* --- 760,773 ---- (void) putc(*l, mci->mci_out); fputs(mci->mci_mailer->m_eol, mci->mci_out); if (*l == '\n') ! { ! if (*++l != ' ' && *l != '\t' && *l != '\0') ! { ! (void) putc(' ', mci->mci_out); ! if (TrafficLogFile != NULL) ! (void) putc(' ', TrafficLogFile); ! } ! } } while (l[0] != '\0'); } /* *** src/version.c.OLD Tue Mar 28 18:27:07 1995 --- src/version.c Thu Jan 25 10:57:56 1996 *************** *** 33,39 **** */ #ifndef lint ! static char sccsid[] = "@(#)version.c 8.6.12.1 (Berkeley) 3/28/95"; #endif /* not lint */ ! char Version[] = "8.6.12"; --- 33,39 ---- */ #ifndef lint ! static char sccsid[] = "@(#)version.c 8.6.13.1 (Berkeley) 1/25/96"; #endif /* not lint */ ! char Version[] = "8.6.13";
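Review bot: In the src/util.c hunk at 760–773 the inserted space applies to every string this output routine is given, not only to header text. Any embedded newline followed by something other than a space, tab or end of string now gains a leading blank on the next output line. That is the right defence for headers, where an unindented line would otherwise be read as a new header. The callers are outside the hunk, though, so it is worth confirming that none of them pass multi-line body text, which would be silently altered. The function's header comment (also outside the hunk) should record the new behaviour, for example `/* an embedded newline is always emitted as a continuation line */`.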