yesthattom: (Default)
yesthattom ([personal profile] yesthattom) wrote2006-06-15 02:32 pm
  • Add Memory
  • Share This Entry
  • Current Mood: funny
Entry tags:

Sendmail 8.13.7 released

While I am a Postfix user, I still try to keep up to date with what’s happening with Sendmail. Sendmail release 8.13.7 fixes a security problem that can be triggered by, well, I’ll let you read the message:
It fixes a potential denial of service problem caused by excessive recursion which leads to stack exhaustion when attempting delivery of a malformed MIME message. Therefore, the function mime8to7() has been modified to limit the recursion level at (the compile time constant) MAXMIMENESTING.
I got all excited in a computer-security-geeky-kind-of-way when I read this. I though, “cool! Are we now going to see a rash of new security holes as everyone checks their source code for recursive functions and figures out ways to trigger infinite recursion?”

Then I realized... hardly anyone uses recursion. There will be no rash. Dang. :)
  • Add Memory
  • Share This Entry
(5 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.