sendmail broken by libssl in current
Paul Hoffman
paul.hoffman at vpnc.org
Wed Mar 11 19:49:07 UTC 2015
On Mar 11, 2015, at 12:25 PM, Gregory Shapiro <gshapiro at freebsd.org> wrote:
>
>>> sendmail 8.15.1 is imported into the vendor area but not merged due to an incompatible change that is being moved into a run-time configuration variable in 8.15.2. Rather than expose the FreeBSD populate to the churn from that change, I am skipping 8.15.1 and will import 8.15.2.
>>>
>>> That being said, I can certainly make the local fix that Philip mention to take care of the padding issue. Is the new libssl in 11-CURRENT going to be/already been MFC'ed to other branches?
>>
>> I'm still *really* hesitant for us to be patching OpenSSL for a bug on a middlebox vendor's system that already has a fix.
>
> My intent is to patch sendmail, not OpenSSL, with a change that is already part of a newer sendmail release.
Ah, that wasn't clear from the thread, sorry. Sure, patching Sendmail for this seems fine. Thanks!
--Paul Hoffman
More information about the freebsd-security
mailing list