Sendmail 8.13.7 released
Jun. 15th, 2006 02:32 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
yesthattomWhile I am a Postfix user, I still try to keep up to date with what’s happening with Sendmail. Sendmail release 8.13.7 fixes a security problem that can be triggered by, well, I’ll let you read the message:
Then I realized... hardly anyone uses recursion. There will be no rash. Dang. :)
It fixes a potential denial of service problem caused by excessive recursion which leads to stack exhaustion when attempting delivery of a malformed MIME message. Therefore, the function mime8to7() has been modified to limit the recursion level at (the compile time constant) MAXMIMENESTING.I got all excited in a computer-security-geeky-kind-of-way when I read this. I though, “cool! Are we now going to see a rash of new security holes as everyone checks their source code for recursive functions and figures out ways to trigger infinite recursion?”
Then I realized... hardly anyone uses recursion. There will be no rash. Dang. :)
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2006-06-15 03:41 pm (UTC)