Re: Richard A Nelson (Rick) <cowboy@debian.org> MIA

On 09/27/2010 10:14 PM, Stefano Zacchiroli wrote:

> On Mon, Sep 27, 2010 at 06:33:05PM +0200, Harald Jenny wrote:
>> I'm sorry for disturbing all of you but I'm currently facing the problem that
>> the maintainer of the Debian sendmail package, Richard A Nelson, seems to be
>> lost. He does not react to bug reports nor mails concerning the libmilter
>> package which is used by some other software. Please if anybody is in contact
>> with him try to convince him that an update of this package is really needed.
>> If there is no response from him I must contact the release team and ask if
>> they would be willing to accept an NMU as the bug in libmilter bites a lot of
>> other software.

I have indeed been MIA, working through back-to-back product releases - and now
have some breathing room before it all starts over again.

I had an upload of sendmail 8.14.4 all ready to go, but got bitten by DB 4.8
changes that completely broke sendmail (and a few other apps), and now there's
been an NMU or two that I have to refit and re-check DB 4.7 vs 4.8.

However, since we're now frozen, I'm not sure if a new version is going to be
accepted.  As I recall, upstream did not use the suggested patch verbatim, so
any updates to 8.14.3 should check against 8.14.4.

I'll get 8.14.4 into unstable in the next day or so, but what happens to
'stable' is likely going to be a policy/RM call.

Here's the upstream changelog which shows several important fixes - with the
most important (IMNSHO) being:
* The Security (top) entry
* Host lookup crash
* Several milter issues

8.14.4/8.14.4   2009/12/30
    SECURITY: Handle bogus certificates containing NUL characters
        in CNs by placing a string indicating a bad certificate
        in the {cn_subject} or {cn_issuer} macro.  Patch inspired
        by Matthias Andree's changes for fetchmail.
    During the generation of a queue identifier an integer overflow
        could occur which might result in bogus characters
        being used.  Based on patch from John Vannoy of
        Pepperdine University.
    The value of headers, e.g., Precedence, Content-Type, et.al.,
        was not processed correctly.  Patch from Per Hedeland.
    Between 8.11.7 and 8.12.0 the length limitation on a return
        path was erroneously reduced from MAXNAME (256) to
        MAXSHORTSTR (203).  Patch from John Gardiner Myers
        of Proofpoint; the problem was also noted by Steve
        Hubert of University of Washington.
    Prevent a crash when a hostname lookup returns a seemingly
        valid result which contains a NULL pointer (this seems
        to be happening on some Linux versions).
    The process title was missing the current load average when
        the MTA was delaying connections due to DelayLA.
        Patch from Dick St.Peters of NetHeaven.
    Do not reset the number of queue entries in shared memory if
        only some of them are processed.
    Fix overflow of an internal array when parsing some replies
        from a milter.  Problem found by Scott Rotondo
        of Sun Microsystems.
    If STARTTLS is turned off in the server (via M=S) then it
        would not be initialized for use in the client either.
        Patch from Kazuteru Okahashi of IIJ.
    If a Diffie-Hellman cipher is selected for STARTTLS, the
        handshake could fail with some TLS implementations
        because the prime used by the server is not long enough.
        Note: the initialization of the DSA/DH parameters for
        the server can take a significant amount of time on slow
        machines. This can be turned off by setting DHParameters
        to none or a file (see doc/op/op.me).  Patch from
        Petr Lampa of the Brno University of Technology.
    Fix handling of `b' modifier for DaemonPortOptions on little
        endian machines for loopback address.  Patch from
        John Beck of Sun Microsystems.
    Fix a potential memory leak in libsmdb/smdb1.c found by parfait.
        Based on patch from Jonathan Gray of OpenBSD.
    If a milter sets the reply code to "421" during the transfer
        of the body, the SMTP server will terminate the SMTP session
        with that error to match the behavior of the other callbacks.
    Return EX_IOERR (instead of 0) if a mail submission fails due to
        missing disk space in the mail queue.  Based on patch
        from Martin Poole of RedHat.
    CONFIG: Using FEATURE(`ldap_routing')'s `nodomain' argument would
        cause addresses not found in LDAP to be misparsed.
    CONFIG: Using a CN restriction did not work for TLS_Clt as it
        referred to a wrong macro.  Patch from John Gardiner
        Myers of Proofpoint.
    CONFIG: The option relaytofulladdress of FEATURE(`access_db')
        did not work if FEATURE(`relay_hosts_only') is used too.
        Problem noted by Kristian Shaw.
    CONFIG: The internal function lower() was broken and hence
        strcasecmp() did not work either, which could cause
        problems for some FEATURE()s if upper case arguments
        were used.  Patch from Vesa-Matti J Kari of the
        University of Helsinki.
    LIBMILTER: Fix internal check whether a milter application
        is compiled against the same version of libmilter as
        it is linked against (especially useful for dynamic
    LIBMILTER: Fix memory leak that occurred when smfi_setsymlist()
        was used.  Based on patch by Dan Lukes.
    LIBMILTER: Document the effect of SMFIP_HDR_LEADSPC for filters
        which add, insert, or replace headers.  From Benjamin
    LIBMILTER: Fix error messages which refer to "select()" to be
        correct if SM_CONF_POLL is used.  Based on patch from
        John Nemeth.
    LIBSM: Fix handling of LDAP search failures where the error is
        carried in the search result itself, such as seen with
        OpenLDAP proxy servers.
    VACATION: Do not refer to a local variable outside its scope.
        Based on patch from Mark Costlow of Southwest Cyberport.
        Enable HAVE_NANOSLEEP for SunOS 5.11. Patch from
        John Beck of Sun Microsystems.
        Drop NISPLUS from default SunOS 5.11 map definitions.
        Patch from John Beck of Sun Microsystems.

8.14.3/8.14.3   2008/05/03 ...
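
The SECURITY entry in the changelog above, sketched as an added example (not part of the original message and not sendmail's code): a certificate CN arrives as a length-counted byte string, so a NUL inside it makes C string functions see only the prefix. The function names, the sample CNs and the marker string are assumptions; the changelog does not give the string sendmail actually places in the macro.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical marker; the changelog does not state sendmail's actual string. */
#define BAD_CN_MARKER "<bad-certificate-CN-contains-NUL>"

/*
 * Turn a CN of cn_len bytes (length-counted, not NUL-terminated) into the
 * C string that would be stored in a macro such as {cn_subject}.
 * Returns 0 if the CN was copied unchanged, 1 if the marker was substituted
 * (embedded NUL, or CN too long for out), -1 on unusable arguments.
 */
int cn_to_macro(const unsigned char *cn, size_t cn_len, char *out, size_t out_sz)
{
    if (cn == NULL || out == NULL || out_sz <= strlen(BAD_CN_MARKER))
        return -1;
    if (memchr(cn, '\0', cn_len) != NULL || cn_len >= out_sz) {
        strcpy(out, BAD_CN_MARKER);   /* never expose a truncated name */
        return 1;
    }
    memcpy(out, cn, cn_len);
    out[cn_len] = '\0';
    return 0;
}

/* Length a strlen()-style consumer would see: the CN cut at the first NUL. */
size_t naive_visible_len(const unsigned char *cn, size_t cn_len)
{
    const unsigned char *nul = memchr(cn, '\0', cn_len);
    return nul ? (size_t)(nul - cn) : cn_len;
}

int main(void)
{
    /* Constructed sample CNs; sizeof - 1 drops the literal's own terminator. */
    static const unsigned char good[] = "mail.example.org";
    static const unsigned char bad[]  = "mail.example.org\0.other.invalid";
    char macro[64];
    int rc;

    rc = cn_to_macro(good, sizeof good - 1, macro, sizeof macro);
    printf("good: rc=%d macro=%s\n", rc, macro);

    rc = cn_to_macro(bad, sizeof bad - 1, macro, sizeof macro);
    printf("bad:  rc=%d macro=%s (naive view: %zu of %zu bytes)\n", rc, macro,
           naive_visible_len(bad, sizeof bad - 1), sizeof bad - 1);
    return 0;
}
```

Any ruleset comparing the macro against an expected CN then fails closed on the marker instead of matching the truncated prefix.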

