Patch-ID# 100377-17
Keywords: matching wildcard sendmail uid security performance null owner-alias
Synopsis: SunOS 4.1.x: sendmail jumbo patch 
Date: Sep/09/94

Solaris release: 1.1

SunOS release: 4.1.1, 4.1.2, 4.1.3, 4.1.3C
 
Topic: sendmail jumbo patch 
 
BugId's fixed with this patch: 	1144946 1056203 1030087 1068637 1085853 1041284 1092073 1092650 1093667 1089670 1084351 1142840 1151181 1152199 1082586 1048259 1160505 1153954

Changes incorporated in this version: 1153954

Architectures for which this patch is available: sun3 sparc

Patches which may conflict with this patch:

Obsoleted by: 

Problem Description: 

Bug ID: 1153954
---------------
unknown user in alias list kills the entire list if the mail is sent from a 
remote machine.

Bug ID: 1160505
---------------
sendmail dumps core if a very large debug level is specified.

Bug ID: 1048259
---------------
sendmail does not lookup owner-alias type aliases in nis map.

Bug ID: 1082586
---------------
sendmail does (while (getpwent != NULL)) if getpwnam fails
(This is a backport to SunOS 4.1.x of the fix in production SunOS 5.x)

Bug ID: 1151181
---------------
sendmail security

Bug ID: 1152199
---------------
sendmail .forward capability causes security hole

Bug ID: 1144946
---------------
Sendmail can be used to retrieve system files

Bug ID: 1056203
---------------
Take for example,

viewlogic.com.		IN	MX	10  suntan.viewlogic.com.
*.viewlogic.com.	IN	MX	10  suntan.viewlogic.com.

If the system runs sendmail.mx when it comes to a site that has MX records
setup then sendmail.mx will connect back to itself.  

This causes an "Internal error" message when sending mail.

Bug ID: 1030087
---------------
sendmail yp aliasing does not work with non sun yp masters

Bug ID: 1068637
---------------
sendmail ignores the .forward file of users with uid values over 32767

Bug ID: 1085853
---------------
security can be subverted with "LD_" environment variables

Bug ID: 1041284
---------------
Sendmail -t fails when nfs mount /var/spool/mail from mailhost

Bug ID: 1092073
---------------
sendmail loops on mail where name of recipient contains eight bit

Bug ID: 1092650
---------------
Sendmail truncates the header if the header length is too long

Bug ID: 1093667
---------------
Sendmail doesn't generate error mail in error conditions.

Bug ID: 1089670
---------------
Sendmail.mx doesn't handle subdomains.

Bug ID: 1084351 
---------------
Sendmail gets 550 user unknown during "rcpt to" right after reboot.

Bug ID: 1142840 
---------------
Sendmail ignores $HOME parameter in .forward file

INSTALL: 

Make a copy of the old files:
mv /usr/lib/sendmail.mx /usr/lib/sendmail.mx.fcs
mv /usr/lib/sendmail    /usr/lib/sendmail.fcs
mv /usr/lib/sendmail.main.cf /usr/lib/sendmail.main.cf.fcs
mv /usr/lib/sendmail.subsidiary.cf /usr/lib/sendmail.subsidiary.cf.fcs

Change permissions on old files so they can't be executed:
chmod 0400 /usr/lib/sendmail.mx.fcs /usr/lib/sendmail.fcs

Install the patched files:
cp `arch`/`uname -r`/sendmail /usr/lib/sendmail
cp `arch`/`uname -r`/sendmail.mx /usr/lib/sendmail.mx
cp sendmail.main.cf /usr/lib/sendmail.main.cf
cp sendmail.subsidiary.cf /usr/lib/sendmail.subsidiary.cf

change the owner and file permissions of /usr/lib/sendmail and 
/usr/lib/sendmail.mx to match those below:

chown root.staff /usr/lib/sendmail.mx /usr/lib/sendmail
chmod 4551 /usr/lib/sendmail.mx /usr/lib/sendmail


-r-sr-x--x  1 root     staff      155648 Oct 19 17:20 /usr/lib/sendmail
-r-sr-x--x  1 root     staff      172032 Oct 19 17:20 /usr/lib/sendmail.mx


Kill and restart sendmail and mailtool.
