Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 May 2024 18:44:56 +0000
Source: sendmail
Architecture: source
Version: 8.17.1.9-2+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Debian QA Group <packa...@qa.debian.org>
Changed-By: Bastien Roucariès <ro...@debian.org>
Closes: 1059386 1070190
Changes:
sendmail (8.17.1.9-2+deb12u1) bookworm; urgency=high
.
* QA upload
* Fix CVE-2023-51765 (Closes: #1059386):
sendmail allowed SMTP smuggling in certain configurations.
Remote attackers can use a published exploitation
technique to inject e-mail messages with a spoofed
MAIL FROM address, allowing bypass of an SPF protection
mechanism. This occurs because sendmail supports
<LF>.<CR><LF> but some other popular e-mail servers
do not. This is resolved with 'o' in srv_features.
* Enable _FFR_REJECT_NUL_BYTE for rejecting mail that
include NUL byte
* By default enable rejecting mail that include NUL byte.
set confREJECT_NUL to 'true' by default .
User could disable by setting confREJECT_NUL to false.
(Closes: #1070190). Close a variant of CVE-2023-51765
aka SMTP smuggling.
Checksums-Sha1:
05a68eef66b1879dce9bb967510e9c03c53acea9 2874 sendmail_8.17.1.9-2+deb12u1.dsc
9c2de0484ad59bcb957d0eecf62096de5ca47f9b 251852
sendmail_8.17.1.9-2+deb12u1.debian.tar.xz
1217af8ba7ec07cc873f4193ce5a3fc4e58cce99 10819
sendmail_8.17.1.9-2+deb12u1_amd64.buildinfo
Checksums-Sha256:
e1006c711bbe6c6a4edb6baf20d17acf59c38b2e0cbb236cdfce65b70dbd8242 2874
sendmail_8.17.1.9-2+deb12u1.dsc
78c87ec1fa3183e8e37b86a3feb4cfba7cd997d33fdafaf9fc343849899abc99 251852
sendmail_8.17.1.9-2+deb12u1.debian.tar.xz
37145050ed8b09d9304f327f1f84613338ac112eb7ed8d73762cd1dbb151fe80 10819
sendmail_8.17.1.9-2+deb12u1_amd64.buildinfo
Files:
9dca5c551c1ea580cf11f9e3053a6391 2874 mail optional
sendmail_8.17.1.9-2+deb12u1.dsc
225bed029be8a49f927062b4b787e79f 251852 mail optional
sendmail_8.17.1.9-2+deb12u1.debian.tar.xz
dce5abc1ac9a29975615d5eeb3a36006 10819 mail optional
sendmail_8.17.1.9-2+deb12u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmZuoQARHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+Ekw//bDMi/jo4qMYya8jl9SY4AZZmdGi+Bqsa
ie7GoygYqXFzq85iaON0qNFIrUASghhR8ZC5tixSEKjkQN5bOCx7T+3JsQJgr1uR
p0+CsX8sRn2z35ESpiojecV7ucsqaQcd/aE5CxGG/yeclTENFnanEAUxf6Fz7UvT
l9Fo/YnF+3oC1q6nga3CUriANMbrAJe8BrIjYeZ+AiqW/XZs/q8rWO5cpblyF/Fn
tOUtl9M3C4eWkLaj+QMouF728wYtJyP/yQ4Hk3oAw07DV9AAfBPTtgImjiItW2Ve
y0j4sb5ZqrazFfnDSFcYTHu7TzZSNoGCXpIXBiVSlMaT9SOSAipN/K3DWpTiIHcE
Mk8t3IVZho/+8moNY6jAJAyOu/QonLC79Gcf57BEnHi4jadK0Xvnnvjgh2503SyM
+pDHskHJ8HyjRmzN5wOgjWrqZBmQp4YEjCHTkrGAIvnLcBd05eENl3HuDx77PjCt
ZPjGU2ZcIZMs6/cH75CKre0nnWP/ptnhaFCAASNeS4Xqe8acHRnpNcwW5tJZVORw
pLSzQMDTs4LarT5hzSJaoFX4APqqBymRo6bFYwtdSQdhFxYXErFmwY5DHv7ErXYb
InDGgjnGEg744aJ19GgoYUHwyjXbZwEHIDcCxewi7GtUYFKEW7oP2Wwx5OjelCgk
OhyblYqWxbU=
=hs2N
-----END PGP SIGNATURE-----
pgpcZA4c8vMOq.pgp
Description: PGP signature
