Patch Name: PHNE_7481 Patch Description: s700_800 10.X cumulative sendmail patch Creation Date: 96/06/19 Post Date: 96/06/21 Warning: 96/08/29 - This Critical Warning has been issued by HP. The version of sendmail included in PHNE_7481 will not function correctly on HP-UX 10.01. Also, the version of sendmail included in PHNE_7481 and PHNE_8067 will not accept new SMTP connections if the daemon is waiting for input on pending connections and queue processing occurs. This will result in hung sendmail connections. Patch PHNE_8371 should be installed to correct the problem. Hardware Platforms - OS Releases: s700: 10.00 10.01 10.10 s800: 10.00 10.01 10.10 Products: N/A Filesets: InternetSrvcs.INETSVCS-RUN Automatic Reboot?: No Status: General Superseded With Warnings Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHNE_7481 Symptoms: PHNE_7481: 1. Corrupted msgid in syslog. 2. 250 Reply send to QUIT 3. Access check on files skipped 4. Defunct processes leftover during queue processing 5. X400 site hiding now supported 6. Uppercase local users supported in alias lists PHNE_6990: 1. If a new header was added to sendmail.cf that referenced $u inside <>, $u would not get expanded. PHNE_6834: 1. Newaliases and other sendmail functions would fail with an unresolved libdld reference. PHNE_6782: 1. DNS information which includes invalid characters can cause sendmail to act improperly. 2. The .forward file can be symbolically linked to a root-owned read-only file. Defect Description: PHNE_7481: 1. Only checked for first < in headers.c logic. 2. 050 Informational code not prepended to remote VERBose 3. Access check not performed properly 4. Using signals instead of wait to clean up after children 5. Ruleset changes added to support X400 site hiding 6. Ignored alias expansions for lowercase conversion PHNE_6990: 1. Macro expansion only took place for $u if it was alone on the RHS of the header line. PHNE_6834: 1. Sendmail was built in a 10.10 environment instead of a 10.0. Sendmail has been rebuilt to work in all three environments. PHNE_6782: 1. Sendmail now looks for newlines and other characters in DNS/resolver calls, and properly safeguards against possible damage. 2. The .forward file can no longer be a symbolic link. SR: 5003319343 1653151860 1653135467 5003313601 5003312983 1653160473 4701313007 1653157529 1653160499 Patch Files: /usr/sbin/sendmail /usr/newconfig/etc/mail/sendmail.cf what(1) Output: /usr/sbin/sendmail: Copyright (c) 1988 Regents of the University of Cali fornia. version.c $Revision: 1.40.112.5 $ PHNE_7481 $Date: 9 6/06/19 17:48:05 $ version.c 5.65 (Berkeley) 8/29/90 /usr/newconfig/etc/mail/sendmail.cf: $Revision: 1.30.112.2 $ cksum(1) Output: 1380714795 172032 /usr/sbin/sendmail 1407764920 75914 /usr/newconfig/etc/mail/sendmail.cf Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: If NIS is used, please install the latest NFS-NIS megapatch. Specifically, sendmail is affected by the latest version of ypmake, ypinit, and mkalias. Supersedes: PHNE_6782 PHNE_6834 PHNE_6990 Equivalent Patches: None Patch Package Size: 300 Kbytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_7481 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_7481.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHNE_7481.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. The cluster clients must be shut down as described in step 5b. By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_7481. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_7481.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_7481.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None