Date: Fri, 6 Nov 1998 00:46:42 +0100 (CET) From: Leif Neland <leifn@swimsuit.internet.dk> To: jack <jack@germanium.xtalwind.net> Cc: freebsd-current@FreeBSD.ORG Subject: Re: sendmail.8.9.1a patch Message-ID: <Pine.BSF.4.05.9811060043160.6421-100000@gina.swimsuit.internet.dk> In-Reply-To: <Pine.BSF.4.05.9811051703370.6164-100000@germanium.xtalwind.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 5 Nov 1998, jack wrote: > On Thu, 5 Nov 1998, Leif Neland wrote: > > > Could somebody please apply the sendmail-8.9.1a patch to > > /usr/src/contrib/sendmail? > > Let's hope not, at least not as the default. From > sendmail.8.9.1a.patch.README > > Introduction > > [snip] > It is important to note that sendmail itself is not > vulnerable to these attacks. > [snip] > > Tradeoffs > > As this patch requires scanning the body of the message for > MIME indicators, there will be a performance penalty to run > this code. > But it doesn't hurt to compile it in (it will probably be in 8.9.2 anyway). If you dont put the LOCAL_CONFIG O MaxMimeHeaderLength=256/128 in sendmail.mc, it will not be used, anf performance shouldn't be hurt. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9811060043160.6421-100000>