sendmail-starttls-8.15.2-lp151.6.15 >  A \2/=„t{SBtfaqj`cpGo:mR$]D[Hys[MDD9F#4.vx**l{wX8'Z T%>]&ӊ!/2'8e761471fd4c718a654fd5407d79592d21fcf0c7fbc20ce0a0b2c78ae690d5609f9cc55f31985860ee6509f295d0e82449e34ce67\2/=„8،k#VAãc$H|Faɤ.ĶY|JV|,6bXjzh&*6%?`-$_XC^߮UmxϽERT56Y}ݒ$, .Eppjq-uncPJRiE>&'G Y~X4m4: X{4#^s. !\)\~u"s0ib0xoWVOoۘE'ғt%D >p;2t?2dd & K  7Xqw     4H\t(89:F0G00H0DI0XX0`Y0d\0x]0^0b0c1id1e1f1l1u1v1z22222`Csendmail-starttls8.15.2lp151.6.15BSD Sendmail Starttls helper scriptsThis package includes the directory layout as well as some useful helper scripts for better SSL/TLS support. "sendmail" is a trademark of Sendmail, Inc.\lamb09openSUSE Leap 15.1openSUSESendmailhttps://bugs.opensuse.orgProductivity/Networking/Securityhttp://www.sendmail.org/linuxnoarchAAAAA\\\\\rootrootrootrootrootrootrootrootrootrootsendmail-8.15.2-lp151.6.15.src.rpmsendmail-starttls    cyrus-sasl-saslauthdopensslrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1\/J[[ @[LZ&@Z@Z@ZC@ZY@YoIYR@XXX@XӸXO@X@W W@WbWbW=W@W@V]Dr. Werner Fink jengelh@inai.dewerner@suse.debwiedemann@suse.comwerner@suse.derbrown@suse.comwerner@suse.devcizek@suse.comkukuk@suse.dewerner@suse.dewerner@suse.dewerner@suse.dewerner@suse.dejengelh@inai.dewerner@suse.dewerner@suse.dekukuk@suse.dewerner@suse.dedimstar@opensuse.orgtchvatal@suse.comtchvatal@suse.comwerner@suse.dewerner@suse.dewerner@suse.dewerner@suse.de- Remove alias to mail-transfer-agent.target (boo#1116675)- Replace exec rm by delete/print.- Remove left over from last patch - Group daemon is required- Add sendmail-8.15.2-reproducible.patch to make package build reproducible- Add _FFR_TLS_EC m4 macro definition for site configuration as well (boo#1070065)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Apply former patches only if openssl 1.1.0+ are installed- support build with openssl 1.1 (bsc#1067222) * add patches from Fedora: sendmail-8.15.2-openssl-1.1.0-fix.patch sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch (rh#1473971)- Add libnsl-devel build requires for glibc obsoleting libnsl- Change requirements for libmilter and sendmail-devel as the library is also used by other MTA like postfix (boo#1049188)- Require user and group mail- Add bitdomain and uudomain to possible targets for refresh- Change spec file name scheme used for getting soname down into libmilter- Replace a find|xargs rm by -delete- New package libmilter1_0 for the shared library version of libmilter, the Sendmail Content Management API - Also new package libmilter-doc for the substantial documentation about Sendmail Content Management API (milter) - Make sendmail-tls a noarch package- Require m4 at build time- Don't use insserv together with systemd- Use _unitdir macro instead asking pkg config of systemd- Fix License: Even https://spdx.org/licenses/Sendmail.html lists "Sendmail" as the valid identifier. Same as http://license.opensuse.org/ does. "Sendmail License" is in the column "Full Name". The License: tag requires the identifier. - Fix some more rpmlint warnings: + sendmail: W: suse-missing-rclink sendmail: - Ship /usr/sbin/rcsendmail symlink to /usr/sbin/service + sendmail: W: suse-missing-rclink sendmail-client - Ship /usr/sbin/rcsendmail-client symlink to /usr/sbin/service + sendmail: W: suse-wrong-suse-capitalisation: - Rename README.SuSE to README.SUSE (fix spelling also inside the file). + sendmail: W: permissions-dir-without-slash - Fix permissions and permissions.paranoid inside sendmail-suse.tar.bz2. + sendmail: W: systemd-service-without-service_del_postun: - Add corresponding macros to postun script when not building with sysvinit support. + sendmail: W: systemd-service-without-service_add_pre: - Add corresponding macros to pre script when not building with sysvinit support.- Drop unused patch: * sendmail-8.14.7-warning.patch- Split uucp to separate package, no technical reason for it to not stand on its own - Drop uucp related patches: + uucp-1.07-contrib.dif + uucp-1.07-cu.patch + uucp-1.07-grade.patch + uucp-1.07-lockdev.patch + uucp-1.07.dif + uucp-texinfo-5.0.patch + drop_ftime.patch- Do not use http://license.opensuse.org/ as reference for the Sendmail license even if stated by rpmlint but https://spdx.org/licenses/Sendmail.html- Avoid warning from chkstat due slash on directory path as last character- Update to sendmail 8.15.2 (boo#975416) * If FEATURE(`nopercenthack') is used then some bogus input triggered a recursion which was caught and logged as SYSERR: rewrite: excessive recursion (max 50) ... Fix based on patch from Ondrej Holas. * DHParameters now by default uses an included 2048 bit prime. The value 'none' previously caused a log entry claiming there was an error "cannot read or set DH parameters". Also note that this option applies to the server side only. * The U= mailer field didn't accept group names containing hyphens, underbars, or periods. Based on patch from David Gwynne of the University of Queensland. * CONFIG: Allow connections from IPv6:0:0:0:0:0:0:0:1 to relay again. Patch from Lars-Johan Liman of Netnod Internet Exchange. * CONFIG: New option UseCompressedIPv6Addresses to select between compressed and uncompressed IPv6 addresses. The default value depends on the compile-time option IPV6_FULL: For 1 the default is False, for 0 it is True, thus preserving the current behaviour. Based on patch from John Beck of Oracle. * CONFIG: Account for IPv6 localhost addresses in FEATURE(`block_bad_helo'). Suggested by Andrey Chernov from FreeBSD and Robert Scheck from the Fedora Project. * CONFIG: Account for IPv6 localhost addresses in check_mail ruleset. * LIBMILTER: Deal with more invalid protocol data to avoid potential crashes. Problem noted by Dimitri Kirchner. * LIBMILTER: Allow a milter to specify an empty macro list ("", not NULL) in smfi_setsymlist() so no macro is sent for the selected stage. * MAKEMAP: A change to check TrustedUser in fewer cases which was made in 2013 caused a potential regression when makemap was run as root (which should not be done anyway). * SECURITY: Properly set the close-on-exec flag for file descriptors (except stdin, stdout, and stderr) before executing mailers. * If header rewriting fails due to a temporary map lookup failure, queue the mail for later retry instead of sending it without rewriting the header. Note: this is done while the mail is being sent and hence the transaction is aborted, which only works for SMTP/LMTP mailers hence the handling of temporary map failures is suppressed for other mailers. SMTP/LMTP servers may complain about aborted transactions when this problem occurs. See also "DNS Lookups" in sendmail/TUNING. * Incompatible Change: Use uncompressed IPv6 addresses by default, i.e., they will not contain "::". For example, instead of ::1 it will be 0:0:0:0:0:0:0:1. This permits a zero subnet to have a more specific match, such as different map entries for IPv6:0:0 vs IPv6:0. This change requires that configuration data (including maps, files, classes, custom ruleset, etc) must use the same format, so make certain such configuration data is updated before using 8.15. As a very simple check search for patterns like 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary, the prior format can be retained by compiling with: APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0') in your devtools/Site/site.config.m4 file. * If a connection to the MTA is dropped by the client before its hostname can be validated, treat it as "may be forged", so that the unvalidated hostname is not passed to a milter in xxfi_connect(). * Add a timeout for communication with socket map servers which can be specified using the -d option. * Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow numeric logins even if HESIOD is enabled. - sendmail 8.15.1 * The new option CertFingerprintAlgorithm specifies the finger- print algorithm (digest) to use for the presented cert. If the option is not set, md5 is used and the macro {cert_md5} contains the cert fingerprint. However, if the option is set, the specified algorithm (e.g., sha1) is used and the macro {cert_fp} contains the cert fingerprint. That is, as long as the option is not set, the behaviour does not change, but otherwise, {cert_md5} is superseded by {cert_fp} even if you set CertFingerprintAlgorithm to md5. * The options ServerSSLOptions and ClientSSLOptions can be used to set SSL options for the server and client side respectively. See SSL_CTX_set_options(3) for a list. Note: this change turns on SSL_OP_NO_SSLv2 and SSL_OP_NO_TICKET for the client. See doc/op/op.me for details. * The option CipherList sets the list of ciphers for STARTTLS. See ciphers(1) for possible values. * Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL" if a CRLFfile is in use (and LogLevel is 14 or higher.) * Store a more specific TLS protocol version in ${tls_version} instead of a generic one, e.g., TLSv1 instead of TLSv1/SSLv3. * Properly set {client_port} value on little endian machines. Patch from Kelsey Cummings of Sonic.net. * Per RFC 3848, indicate in the Received: header whether SSL or SMTP AUTH was negotiated by setting the protocol clause to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP. * If the 'C' flag is listed as TLSSrvOptions the requirement for the TLS server to have a cert is removed. This only works under very specific circumstances and should only be used if the consequences are understood, e.g., clients may not work with a server using this. * The options ClientCertFile, ClientKeyFile, ServerCertFile, and ServerKeyFile can take a second file name, which must be separated from the first with a comma (note: do not use any spaces) to set up a second cert/key pair. This can be used to have certs of different types, e.g., RSA and DSA. * A new map type "arpa" is available to reverse an IP (IPv4 or IPv6) address. It returns the string for the PTR lookup, but without trailing {ip6,in-addr}.arpa. * New operation mode 'C' just checks the configuration file, e.g., sendmail -C new.cf -bC will perform a basic syntax/consistency check of new.cf. * The mailer flag 'I' is deprecated and will be removed in a future version. * Allow local (not just TCP) socket connections to the server, e.g., O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock can be used. * If the new option MaxQueueAge is set to a value greater than zero, entries in the queue will be retried during a queue run only if the individual retry time has been reached which is doubled for each attempt. The maximum retry time is limited by the specified value. * New DontBlameSendmail option GroupReadableDefaultAuthInfoFile to relax requirement for DefaultAuthInfo file. * Reset timeout after receiving a message to appropriate value if STARTTLS is in use. Based on patch by Kelsey Cummings of Sonic.net. * Report correct error messages from the LDAP library for a range of small negative return values covering those used by OpenLDAP. * Fix compilation with Berkeley DB 5.0 and 6.0. Patch from Allan E Johannesen of Worcester Polytechnic Institute. * CONFIG: FEATURE(`nopercenthack') takes one parameter: reject or nospecial which describes whether to disallow "%" in the local part of an address. * DEVTOOLS: Fix regression in auto-detection of libraries when only shared libraries are available. Problem reported by Bryan Costales. * LIBMILTER: Mark communication socket as close-on-exec in case a user's filter starts other applications. Based on patch from Paul Howarth. - Modified patches sendmail-8.14.9.dif becomes sendmail-8.15.2.dif sendmail-8.14.7-select.dif sendmail-8.14.8-m4header.patch sendmail-fd-passing-libmilter.patch Removed patches sendmail-db6.diff sendmail-8.14.7-warning.patch- Do not enforce dependencies like for amavis and saslauthdlamb09 15564108448.15.2-lp151.6.15certscrlnewcertsprivatescripts/etc/mail/certs/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.1/standard/031ed9ca5274c10e2eb10e8cc4d0652b-sendmailcpioxz5x86_64-suse-linuxdirectorybG#'s(](gutf-89c3e63bc25507a66002df9b92d1fe170a3aa842a0ee3b19323a3e37a6d20d995?P7zXZ !t/y] crt:a`*r/FyC.`m=7i>b7jt1JiB&(y"PބS"aK~SZgn\*3SX/ZJ1)A{i@4g?(9Y8F]a$dUQ YZ