Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

sendmail-starttls-8.15.2-lp151.6.15 RPM for noarch

From OpenSuSE Leap 15.1 for noarch

Name: sendmail-starttls Distribution: openSUSE Leap 15.1
Version: 8.15.2 Vendor: openSUSE
Release: lp151.6.15 Build date: Sun Apr 28 02:20:44 2019
Group: Productivity/Networking/Security Build host: lamb09
Size: 0 Source RPM: sendmail-8.15.2-lp151.6.15.src.rpm
Summary: BSD Sendmail Starttls helper scripts
This package includes the directory layout as well as some useful
helper scripts for better SSL/TLS support.

"sendmail" is a trademark of Sendmail, Inc.






* Fri Jan 04 2019 Dr. Werner Fink <>
  -  Remove alias to (boo#1116675)
* Fri Jul 27 2018
  - Replace exec rm by delete/print.
* Mon Jul 16 2018
  - Remove left over from last patch
  - Group daemon is required
* Tue Dec 05 2017
  - Add sendmail-8.15.2-reproducible.patch to make package build reproducible
* Wed Nov 29 2017
  - Add _FFR_TLS_EC m4 macro definition for site configuration as
    well (boo#1070065)
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017
  - Apply former patches only if openssl 1.1.0+ are installed
* Wed Nov 08 2017
  - support build with openssl 1.1 (bsc#1067222)
    * add patches from Fedora:
      sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch (rh#1473971)
* Thu Aug 17 2017
  - Add libnsl-devel build requires for glibc obsoleting libnsl
* Wed Jul 19 2017
  -  Change requirements for libmilter and sendmail-devel as
    the library is also used by other MTA like postfix (boo#1049188)
* Thu May 11 2017
  - Require user and group mail
* Wed Apr 12 2017
  - Add bitdomain and uudomain to possible targets for refresh
* Wed Apr 12 2017
  - Change spec file name scheme used for getting soname down into
* Tue Apr 11 2017
  - Replace a find|xargs rm by -delete
* Thu Mar 23 2017
  - New package libmilter1_0 for the shared library version of
    libmilter, the  Sendmail Content Management API
  - Also new package libmilter-doc for the substantial documentation
    about Sendmail Content Management API (milter)
  - Make sendmail-tls a noarch package
* Mon Mar 06 2017
  - Require m4 at build time
* Mon Feb 20 2017
  - Don't use insserv together with systemd
* Mon Sep 26 2016
  - Use _unitdir macro instead asking pkg config of systemd
* Tue Jul 19 2016
  - Fix License: Even lists
    "Sendmail" as the valid identifier. Same as does. "Sendmail License" is in the
    column "Full Name". The License: tag requires the identifier.
  - Fix some more rpmlint warnings:
    + sendmail: W: suse-missing-rclink sendmail:
    - Ship /usr/sbin/rcsendmail symlink to /usr/sbin/service
    + sendmail: W: suse-missing-rclink sendmail-client
    - Ship /usr/sbin/rcsendmail-client symlink to /usr/sbin/service
    + sendmail: W: suse-wrong-suse-capitalisation:
    - Rename README.SuSE to README.SUSE (fix spelling also inside
      the file).
    + sendmail: W: permissions-dir-without-slash
    - Fix permissions and permissions.paranoid inside
    + sendmail: W: systemd-service-without-service_del_postun:
    - Add corresponding macros to postun script when not building
      with sysvinit support.
    + sendmail: W: systemd-service-without-service_add_pre:
    - Add corresponding macros to pre script when not building
      with sysvinit support.
* Thu Jun 16 2016
  - Drop unused patch:
    * sendmail-8.14.7-warning.patch
* Thu Jun 16 2016
  - Split uucp to separate package, no technical reason for it to not
    stand on its own
  - Drop uucp related patches:
    + uucp-1.07-contrib.dif
    + uucp-1.07-cu.patch
    + uucp-1.07-grade.patch
    + uucp-1.07-lockdev.patch
    + uucp-1.07.dif
    + uucp-texinfo-5.0.patch
    + drop_ftime.patch
* Thu May 19 2016
  - Do not use as reference for the Sendmail
    license even if stated by rpmlint but
* Thu Apr 14 2016
  - Avoid warning from chkstat due slash on directory path as last character
* Thu Apr 14 2016
  - Update to sendmail 8.15.2 (boo#975416)
    * If FEATURE(`nopercenthack') is used then some bogus input triggered
      a recursion which was caught and logged as
      SYSERR: rewrite: excessive recursion (max 50) ...
      Fix based on patch from Ondrej Holas.
    * DHParameters now by default uses an included 2048 bit prime.
      The value 'none' previously caused a log entry claiming
      there was an error "cannot read or set DH parameters".
      Also note that this option applies to the server side only.
    * The U= mailer field didn't accept group names containing hyphens,
      underbars, or periods.  Based on patch from David Gwynne
      of the University of Queensland.
    * CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again.
      Patch from Lars-Johan Liman of Netnod Internet Exchange.
    * CONFIG: New option UseCompressedIPv6Addresses to select between
      compressed and uncompressed IPv6 addresses.  The default
      value depends on the compile-time option IPV6_FULL:
      For 1 the default is False, for 0 it is True, thus
      preserving the current behaviour.  Based on patch from
      John Beck of Oracle.
    * CONFIG: Account for IPv6 localhost addresses in
      FEATURE(`block_bad_helo').  Suggested by Andrey Chernov
      from FreeBSD and Robert Scheck from the Fedora Project.
    * CONFIG: Account for IPv6 localhost addresses in check_mail ruleset.
    * LIBMILTER: Deal with more invalid protocol data to avoid potential
      crashes.  Problem noted by Dimitri Kirchner.
    * LIBMILTER: Allow a milter to specify an empty macro list ("", not
      NULL) in smfi_setsymlist() so no macro is sent for the
      selected stage.
    * MAKEMAP: A change to check TrustedUser in fewer cases which was
      made in 2013 caused a potential regression when makemap
      was run as root (which should not be done anyway).
    * SECURITY: Properly set the close-on-exec flag for file descriptors
      (except stdin, stdout, and stderr) before executing mailers.
    * If header rewriting fails due to a temporary map lookup failure,
      queue the mail for later retry instead of sending it
      without rewriting the header.  Note: this is done
      while the mail is being sent and hence the transaction
      is aborted, which only works for SMTP/LMTP mailers
      hence the handling of temporary map failures is
      suppressed for other mailers. SMTP/LMTP servers may
      complain about aborted transactions when this problem
      See also "DNS Lookups" in sendmail/TUNING.
    * Incompatible Change: Use uncompressed IPv6 addresses by default,
      i.e., they will not contain "::".  For example,
      instead of ::1 it will be 0:0:0:0:0:0:0:1.  This
      permits a zero subnet to have a more specific match,
      such as different map entries for IPv6:0:0 vs IPv6:0.
      This change requires that configuration data
      (including maps, files, classes, custom ruleset,
      etc) must use the same format, so make certain such
      configuration data is updated before using 8.15.
      As a very simple check search for patterns like
      'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary,
      the prior format can be retained by compiling with:
      APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0')
      in your devtools/Site/site.config.m4 file.
    * If a connection to the MTA is dropped by the client before its
      hostname can be validated, treat it as "may be forged",
      so that the unvalidated hostname is not passed to a
      milter in xxfi_connect().
    * Add a timeout for communication with socket map servers
      which can be specified using the -d option.
    * Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow
      numeric logins even if HESIOD is enabled.
    - sendmail 8.15.1
    * The new option CertFingerprintAlgorithm specifies the finger-
      print algorithm (digest) to use for the presented cert.
      If the option is not set, md5 is used and the macro
      {cert_md5} contains the cert fingerprint.
      However, if the option is set, the specified algorithm
      (e.g., sha1) is used and the macro {cert_fp} contains
      the cert fingerprint.
      That is, as long as the option is not set, the behaviour
      does not change, but otherwise, {cert_md5} is superseded
      by {cert_fp} even if you set CertFingerprintAlgorithm
      to md5.
    * The options ServerSSLOptions and ClientSSLOptions can be used
      to set SSL options for the server and client side
      respectively. See SSL_CTX_set_options(3) for a list.
      Note: this change turns on SSL_OP_NO_SSLv2 and
      SSL_OP_NO_TICKET for the client. See doc/op/
      for details.
    * The option CipherList sets the list of ciphers for STARTTLS.
      See ciphers(1) for possible values.
    * Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL"
      if a CRLFfile is in use (and LogLevel is 14 or higher.)
    * Store a more specific TLS protocol version in ${tls_version}
      instead of a generic one, e.g., TLSv1 instead of
    * Properly set {client_port} value on little endian machines.
      Patch from Kelsey Cummings of
    * Per RFC 3848, indicate in the Received: header whether SSL or
      SMTP AUTH was negotiated by setting the protocol clause
      to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP.
    * If the 'C' flag is listed as TLSSrvOptions the requirement for the
      TLS server to have a cert is removed.  This only works
      under very specific circumstances and should only be used
      if the consequences are understood, e.g., clients
      may not work with a server using this.
    * The options ClientCertFile, ClientKeyFile, ServerCertFile, and
      ServerKeyFile can take a second file name, which must be
      separated from the first with a comma (note: do not use
      any spaces) to set up a second cert/key pair. This can
      be used to have certs of different types, e.g., RSA
      and DSA.
    * A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
      address. It returns the string for the PTR lookup, but
      without trailing {ip6,in-addr}.arpa.
    * New operation mode  'C' just checks the configuration file, e.g.,
      sendmail -C -bC
      will perform a basic syntax/consistency check of
    * The mailer flag 'I' is deprecated and will be removed in a
      future version.
    * Allow local (not just TCP) socket connections to the server, e.g.,
      O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock
      can be used.
    * If the new option MaxQueueAge is set to a value greater than zero,
      entries in the queue will be retried during a queue run
      only if the individual retry time has been reached which
      is doubled for each attempt.  The maximum retry time is
      limited by the specified value.
    * New DontBlameSendmail option GroupReadableDefaultAuthInfoFile
      to relax requirement for DefaultAuthInfo file.
    * Reset timeout after receiving a message to appropriate value if
      STARTTLS is in use.  Based on patch by Kelsey Cummings
    * Report correct error messages from the LDAP library for a range of
      small negative return values covering those used by OpenLDAP.
    * Fix compilation with Berkeley DB 5.0 and 6.0.  Patch from
      Allan E Johannesen of Worcester Polytechnic Institute.
    * CONFIG: FEATURE(`nopercenthack') takes one parameter: reject or
      nospecial which describes whether to disallow "%" in the
      local part of an address.
    * DEVTOOLS: Fix regression in auto-detection of libraries when only
      shared libraries are available.  Problem reported by
      Bryan Costales.
    * LIBMILTER: Mark communication socket as close-on-exec in case
      a user's filter starts other applications.
      Based on patch from Paul Howarth.
  - Modified patches
    sendmail-8.14.9.dif becomes sendmail-8.15.2.dif
    Removed patches
* Tue Dec 01 2015
  -  Do not enforce dependencies like for amavis and saslauthd



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 9 11:19:24 2022