diff options
| author | Adrien Nader <adrien@notk.org> | 2010-07-09 14:00:58 +0200 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2010-07-09 14:00:58 +0200 |
| commit | 9d480d4f36f8990ceb43315d6b06e1ae0e9470b5 (patch) | |
| tree | c07898af606c18b9ad106e028f3bafce7a96ca1d /slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc | |
Wed Jun 30 04:51:49 UTC 2010
l/libpng-1.4.3-x86_64-1.txz: Upgraded.
Upgraded to libpng-1.2.44 and libpng-1.4.3.
This fixes out-of-bounds memory write bugs that could lead to crashes
or the execution of arbitrary code, and a memory leak bug which could
lead to application crashes.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
(* Security fix *)
l/libtiff-3.9.4-x86_64-1.txz: Upgraded.
This fixes image structure handling bugs that could lead to crashes or
execution of arbitrary code if a specially-crafted TIFF image is loaded.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
(* Security fix *)
+--------------------------+
Sun Jun 27 17:25:18 UTC 2010
xap/mozilla-firefox-3.6.6-x86_64-1.txz: Upgraded.
This changes the crash protection feature to increase the timeout
before a plugin is considered non-responsive.
+--------------------------+
Sun Jun 27 03:43:13 UTC 2010
ap/ghostscript-8.71-x86_64-3.txz: Rebuilt.
Merged an upstream patch from Till Kamppeter to fix printing black pages
with CUPS and certain printers.
+--------------------------+
Fri Jun 25 05:28:02 UTC 2010
a/cups-1.4.4-x86_64-1.txz: Upgraded.
Fixed a memory allocation error in texttops.
Fixed a Cross-Site Request Forgery (CSRF) that could allow a remote
attacker to reconfigure or disable CUPS if a CUPS admin logged into the
web interface visited a specially-crafted website.
Fixed a bug where uninitialized memory from the cupsd process could
reveal sensitive information.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1748
(* Security fix *)
d/ccache-3.0-x86_64-1.txz: Upgraded.
d/gdb-7.1-x86_64-2.txz: Rebuilt.
Added --with-python=no to fix errors about missing backtrace.py, which is
not yet in stable glib. Thanks to David Woodfall.
l/imlib-1.9.15-x86_64-7.txz: Rebuilt.
This fixes problems linking with libpng.
l/seamonkey-solibs-2.0.5-x86_64-1.txz: Upgraded.
n/bind-9.7.1-x86_64-1.txz: Upgraded.
This fixes possible DNS cache poisoning attacks when DNSSEC is enabled
and checking is disabled (CD).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
(* Security fix *)
Thanks to Rob McGee for help with the upgrade to BIND 9.7.x.
xap/mozilla-firefox-3.6.4-x86_64-1.txz: Upgraded.
This fixes some security issues.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
(* Security fix *)
xap/mozilla-thunderbird-3.1-x86_64-1.txz: Upgraded.
(* Security fix *)
xap/seamonkey-2.0.5-x86_64-1.txz: Upgraded.
This release fixes some more security vulnerabilities.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
(* Security fix *)
+--------------------------+
Sat Jun 19 00:59:41 UTC 2010
testing/packages/btrfs-progs-20100618-x86_64-1.txz:
Added btrfs-convert. Thanks to mancha.
+--------------------------+
Fri Jun 18 18:12:04 UTC 2010
ap/alsa-utils-1.0.23-x86_64-2.txz: Rebuilt.
Patched alsaconf to generate /etc/modprobe.d/sound.conf.
Thanks to Alan Hicks.
kde/kdebase-workspace-4.4.3-x86_64-2.txz: Rebuilt.
Patched xinitrc.kde to launch with ck-launch-session only if the
DESKTOP_SESSION variable is empty. This fixes a bug where a ck-aware
login manager such as KDM may have already launched a ConsoleKit
session, causing the xinitrc to launch another one and marking the
first one inactive. This can lead to auth failures.
Thanks to Robby Workman.
n/samba-3.5.3-x86_64-1.txz: Upgraded.
xap/xfce-4.6.1-x86_64-9.txz: Rebuilt.
Patched xinitrc.xfce to launch with ck-launch-session only if the
DESKTOP_SESSION variable is empty. Thanks to Robby Workman.
+--------------------------+
Wed May 19 08:58:23 UTC 2010
Slackware 13.1 x86_64 stable is released!
Lots of thanks are due -- see the RELEASE_NOTES and the rest of the
ChangeLog for credits. The ISOs are on their way to replication,
a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD.
We are taking pre-orders now at store.slackware.com, and offering
a discount if you sign up for a subscription. Consider picking up
a copy to help support the project. Thanks again to the Slackware
community for testing, contributing, and generally holding us to a
high level of quality. :-)
Enjoy!
Diffstat (limited to 'slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc')
| -rw-r--r-- | slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc b/slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc new file mode 100644 index 000000000..01a66775b --- /dev/null +++ b/slackware64-current/source/n/sendmail/sendmail-slackware-tls.mc @@ -0,0 +1,56 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL |