Commit Graph

13 Commits

Author SHA1 Message Date
Gregory Neil Shapiro
62dc14736f Cosmetic change: add blank line to improve readability. 2001-06-09 17:32:47 +00:00
Gregory Neil Shapiro
49f9275414 Update to listmanager 2.108 and reenable.
v2.108  Released May 07, 2001 17:10 (PST)
        - try to avoid deadlock in LogBounces() by setting a timeout on
          the OpenDB() call
        - add config parameter "umask"
          [suggested by gshapiro@gshapiro.net]
        - don't set Reply-To: header in NewPending()
          [suggested by gshapiro@gshapiro.net]
        - "mailqueue" is now restricted by the "memberlist" command
          [suggested by gshapiro@gshapiro.net]
        - make use of the "domain" setting on preselected lists using the
          mail interface
          [requested by gshapiro@gshapiro.net]
        - trim spaces off of possible signature terminators in
          IdentifyMessage()
          [suggested by gshapiro@gshapiro.net]
        - LIBMSK: reimplement Absolute()
        The following resulted from a code audit by Greg Shapiro of
        Sendmail, Inc. <gshapiro@gshapiro.net>, whose help is greatly
        appreciated:
        - SECURITY: shed privileges when -C is used on the command line
        - SECURITY: add a popen() wrapper to shed privileges when the command
          being executed isn't sendmail
        - SECURITY: bounce requests or mail referring to addresses containing
          bogus characters, to prevent remote attacks
        - SECURITY: add some boundary checking in a few places I'd missed
        - SECURITY: be paranoid and call sendmail with "--" before
          arguments provided remotely to prevent remote attacks
        - SECURITY: verify access permissions with lm_access() to prevent
          unauthorized file giveaways and overwrites
        - SECURITY: be pedantic about list names to prevent nasty operations
        - SECURITY: add and begin using lm_safefopen()
2001-05-15 06:45:00 +00:00
Gregory Neil Shapiro
c0455f026a Completed a code review of listmanager and found some things that need to be
fixed.  The author will be releasing a new version shortly.  Turn off this
port until the new version is ready.
2001-04-17 16:20:20 +00:00
Gregory Neil Shapiro
cf7d406097 Add two missing files and fixup directory removals in pkg-plist (bump revision) 2001-03-10 03:48:08 +00:00
Gregory Neil Shapiro
3ab51c3987 Update to version 2.107
Take over as maintainer of port.
2001-02-09 23:21:28 +00:00
Ying-Chieh Liao
badc0787b2 fix md5 checksum
PR:		23807
Submitted by:	Yen-Ming Lee <leeym@bsd.ce.ntu.edu.tw>
2001-02-08 18:19:20 +00:00
Steve Price
d26d09b244 Bump PORTREVISION (as I should have done with the previous commit) since
these ports now build again.
2000-10-29 22:58:07 +00:00
Steve Price
8f06113ec3 Binary distfile update on MASTER_SITE. 2000-10-29 22:38:07 +00:00
Kris Kennaway
e5f9da5743 Upgrade to listmanager 2.105p1 to fix local root exploits
Submitted by:	Murray S. Kucherawy <msk@sendmail.com> (author)
2000-09-08 09:37:25 +00:00
Kris Kennaway
250711f833 Mark FORBIDDEN due to local buffer overflow yielding root. 2000-08-17 02:07:33 +00:00
Chris D. Faulhaber
a31a942a8d *** empty log message *** 2000-07-14 12:19:11 +00:00
Chris D. Faulhaber
4c7021aa0f Remove all installed files (yes etc/listmanager.cf, this means you too)
Noticed by:	bento
2000-07-14 12:17:30 +00:00
Will Andrews
dea01634c6 Add listmanager, a cool list manager with many features not found in other
list managers like majordomo.  For the time being it will remain binary.

Discussed with:	author (albeit this was about 6 months ago)
2000-07-09 08:46:46 +00:00