Debian Bug report logs - #841257
sendmail: Privilege escalation from group smmsp to (user) root

Package: sendmail; Maintainer for sendmail is Debian QA Group <packages@qa.debian.org>; Source for sendmail is src:sendmail.

Reported by: Paul Szabo <paul.szabo@sydney.edu.au>

Date: Wed, 19 Oct 2016 01:36:01 UTC

Severity: grave

Tags: patch, security

Found in versions sendmail/8.14.4-8, sendmail/8.14.4-8+deb8u1, sendmail/8.14.4-4+deb7u1

Fixed in versions sendmail/8.15.2-7, sendmail/8.14.4-8+deb8u2

Done: Andreas Beckmann <anbe@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 19 Oct 2016 01:36:04 GMT).


Acknowledgement sent to Paul Szabo <paul.szabo@sydney.edu.au>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QA Group <packages@qa.debian.org>. (Wed, 19 Oct 2016 01:36:04 GMT).


Message #5 received at submit@bugs.debian.org:

From: Paul Szabo <paul.szabo@sydney.edu.au>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: sendmail: Privilege escalation from group smmsp to (user) root
Date: Wed, 19 Oct 2016 12:33:05 +1100

Package: sendmail
Version: 8.14.4-8+deb8u1
Severity: grave
Tags: patch security
Justification: user security hole


Supposing that due to some bug in sendmail, we were able to execute
commands as group smmsp, then that might be leveraged to cause root
to create any (empty) file.

The directory /var/run/sendmail/stampdir is group-smmsp-writable, so
we (as group smmsp) could create symlinks there pointing to any name.
Then when /etc/init.d/sendmail was run as root (to restart the daemon
maybe?), one or another of the symlinks

  /var/run/sendmail/stampdir/reload
  /var/run/sendmail/stampdir/cron_msp
  /var/run/sendmail/stampdir/cron_mta
  /var/run/sendmail/stampdir/cron_msp

might be followed to create an empty file.

Lines in /etc/init.d/sendmail:

   ...
   110		SENDMAIL_ROOT='/var/run/sendmail';
   ...
   144		STAMP_DIR="${SENDMAIL_ROOT}/stampdir";
   ...
   246		touch $STAMP_DIR/reload;
   ...
   367		touch $STAMP_DIR/reload;
   ...
   900						touch $STAMP_DIR/cron_msp;
   ...
   912				touch $STAMP_DIR/cron_mta;
   ...
   938					touch $STAMP_DIR/cron_msp;
   ...
  1130		if [ ! -d "${STAMP_DIR}" ]; then
  1131			mkdir -p "${STAMP_DIR}";
  1132			chown root:smmsp "${STAMP_DIR}";
  1133			chmod 02775 "${STAMP_DIR}";
  1134			fi;
   ...


Things missing to make a "convincing" exploit:
 - a way to "get" group smmsp: there have not been such issues for some
   years now;
 - how to trick the sysadmin into restarting sendmail;
 - under what conditions would any of those "touch" lines be run;
 - a way to "get root" by creating some empty file: damage can be done
   with /etc/nologin, maybe some exploitation with /etc/hosts.deny.
Seems this issue has low priority.


My suggested fix:

$ diff /etc/init.d/sendmail.bak <---> /etc/init.d/sendmail
246c246
< 	touch $STAMP_DIR/reload;
---
> 	su smmsp -s /bin/bash -c "touch $STAMP_DIR/reload";
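Review bot: In the replacement line, `$STAMP_DIR` is expanded by the calling shell and ends up unquoted inside the `-c` string, and `-s /bin/bash` requires bash for a bare `touch`. Suggest `su smmsp -s /bin/sh -c "touch '$STAMP_DIR/reload'"`, and since the same command recurs in every hunk of this patch, one helper function taking the stamp path would keep the five call sites consistent.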
367c367
< 	touch $STAMP_DIR/reload;
---
> 	su smmsp -s /bin/bash -c "touch $STAMP_DIR/reload";
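Review bot: This touch now runs as smmsp, but the patch has no migration step for a `reload` stamp that the old root-run script already created, so the first run after upgrade may fail on a file smmsp does not own. Either chown the existing stamp files to smmsp once (as the follow-up message in this thread suggests) or remove them before the first run.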
900c900
< 					touch $STAMP_DIR/cron_msp;
---
> 					su smmsp -s /bin/bash -c "touch $STAMP_DIR/cron_msp";
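Review bot: The `cron_msp` touch at line 900 does not check who is calling, so `su smmsp` is attempted even when the script already runs as smmsp. The cron entry quoted later in this thread runs `cron-msp` as user smmsp, where su has no terminal to work with. Test `id -nu` first and call `touch` directly when it already prints smmsp; the same applies to the `cron_msp` line at 938.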
912c912
< 			touch $STAMP_DIR/cron_mta;
---
> 			su smmsp -s /bin/bash -c "touch $STAMP_DIR/cron_mta";
938c938
< 				touch $STAMP_DIR/cron_msp;
---
> 				su smmsp -s /bin/bash -c "touch $STAMP_DIR/cron_msp";


Cheers, Paul

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia



Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 19 Oct 2016 02:36:02 GMT).


Acknowledgement sent to paul.szabo@sydney.edu.au:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 19 Oct 2016 02:36:02 GMT).


Message #10 received at 841257@bugs.debian.org:

From: paul.szabo@sydney.edu.au
To: 841257@bugs.debian.org
Subject: Re: Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root
Date: Wed, 19 Oct 2016 13:28:47 +1100

Hmm... you may also need to (once) do:
  chown smmsp /var/run/sendmail/stampdir/reload
when adopting my patch.

Cheers, Paul



Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 19 Oct 2016 06:15:07 GMT).


Acknowledgement sent to paul.szabo@sydney.edu.au:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 19 Oct 2016 06:15:07 GMT).


Message #15 received at 841257@bugs.debian.org:

From: paul.szabo@sydney.edu.au
To: 841257@bugs.debian.org
Subject: Re: Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root
Date: Wed, 19 Oct 2016 17:12:56 +1100

Hmm (again) ... Maybe file /usr/share/sendmail/sendmail needs updating
also? It is almost identical to /etc/init.d/sendmail, and in file
/etc/cron.daily/sendmail I notice the lines:

...
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MSP queues.
*/20 *    *    *    *		smmsp	test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MTA queues.
# Will also run MSP queues if enabled
#*/10 *    *    *    *		root	test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-mta
...

Maybe no problem as long as that second line is commented out.

I wonder about the first line (whether it is needed), seeing how my
machines always have a process like:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
smmsp     2880  0.0  0.0  11956  3236 ?        Ss   Oct11   0:00 sendmail: Queue runner@00:10:00 for /var/spool/mqueue-client

running.

Cheers, Paul

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia



Marked as found in versions sendmail/8.14.4-8. Request was from Andreas Beckmann <anbe@debian.org> to control@bugs.debian.org. (Thu, 27 Oct 2016 00:00:13 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 09 Nov 2016 09:42:02 GMT).


Acknowledgement sent to Andreas Beckmann <anbe@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 09 Nov 2016 09:42:02 GMT).


Message #22 received at 841257@bugs.debian.org:

From: Andreas Beckmann <anbe@debian.org>
To: paul.szabo@sydney.edu.au, 841257@bugs.debian.org
Subject: Re: Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root
Date: Wed, 9 Nov 2016 10:39:49 +0100

On 2016-10-19 08:12, paul.szabo@sydney.edu.au wrote:
> Hmm (again) ... Maybe file /usr/share/sendmail/sendmail needs updating
> also?

It's generated from the same template script, only the initscript gets
an additional header.

I have a completely untested patch sitting in GIT - do you have a
possibility to test packages built from that?


Andreas




Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 09 Nov 2016 23:45:02 GMT).


Acknowledgement sent to paul.szabo@sydney.edu.au:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 09 Nov 2016 23:45:02 GMT).


Message #27 received at 841257@bugs.debian.org:

From: paul.szabo@sydney.edu.au
To: 841257@bugs.debian.org, anbe@debian.org
Subject: Re: Bug#841257: sendmail: Privilege escalation from group smmsp to (user) root
Date: Thu, 10 Nov 2016 10:43:19 +1100

Dear Andreas,

> I have a completely untested patch sitting in GIT - do you have a
> possibility to test packages built from that?

I could replace files, or DEB packages, on some test machines. Do not
know whether that testing would be exhaustive: do not know how many
features of the sendmail package I use. Or if the changes are "small"
then could just inspect.

Cheers, Paul



Reply sent to Andreas Beckmann <anbe@debian.org>:
You have taken responsibility. (Wed, 30 Nov 2016 19:45:12 GMT).


Notification sent to Paul Szabo <paul.szabo@sydney.edu.au>:
Bug acknowledged by developer. (Wed, 30 Nov 2016 19:45:12 GMT).


Message #32 received at 841257-close@bugs.debian.org:

From: Andreas Beckmann <anbe@debian.org>
To: 841257-close@bugs.debian.org
Subject: Bug#841257: fixed in sendmail 8.15.2-7
Date: Wed, 30 Nov 2016 19:41:15 +0000

Source: sendmail
Source-Version: 8.15.2-7

We believe that the bug you reported is fixed in the latest version of
sendmail, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 841257@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated sendmail package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Wed, 30 Nov 2016 12:32:49 +0100
Source: sendmail
Binary: sendmail-bin rmail sensible-mda libmilter1.0.1 libmilter-dev sendmail-doc sendmail sendmail-base sendmail-cf
Architecture: source
Version: 8.15.2-7
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Description:
 libmilter-dev - Sendmail Mail Filter API (Milter) (development files)
 libmilter1.0.1 - Sendmail Mail Filter API (Milter)
 rmail      - MTA->UUCP remote mail handler
 sendmail   - powerful, efficient, and scalable Mail Transport Agent (metapacka
 sendmail-base - powerful, efficient, and scalable Mail Transport Agent (arch inde
 sendmail-bin - powerful, efficient, and scalable Mail Transport Agent
 sendmail-cf - powerful, efficient, and scalable Mail Transport Agent (config ma
 sendmail-doc - powerful, efficient, and scalable Mail Transport Agent (documenta
 sensible-mda - Mail Delivery Agent wrapper
Closes: 840837 841257 843682
Changes:
 sendmail (8.15.2-7) unstable; urgency=medium
 .
   * QA upload.
   * Fix openssl argument order.  (Closes: #843682)
   * sendmail-bin: Add missing Depends: lsb-base.
   * Stop using dh_buildinfo in favor of dpkg-buildinfo.
   * Enable more hardening flags.
   * debian/examples/db/access: Comment out localhost entries, may be forged.
     (Closes: #840837)
   * Only touch files as smmsp:smmsp in /var/run/sendmail/stampdir (writable by
     group smmsp) to avoid possible privilege escalation.  (Closes: #841257)




Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 07 Dec 2016 16:15:03 GMT).


Acknowledgement sent to "Axel 'the C.L.A.' Müller" <cla@vorsicht-bissig.de>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 07 Dec 2016 16:15:03 GMT).


Message #37 received at 841257@bugs.debian.org:

From: "Axel 'the C.L.A.' Müller" <cla@vorsicht-bissig.de>
To: 841257@bugs.debian.org
Subject: Re: Bug#841257: fixed in sendmail 8.15.2-7
Date: Wed, 7 Dec 2016 17:12:38 +0100

Seems this change now causes cron to spam like:

From: root@e560 (Cron Daemon)
To: root@e560
Subject: Cron <smmsp@e560> test -x /etc/init.d/sendmail && test
-x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail
&& /usr/share/sendmail/sendmail cron-msp

su: Muss von einem Terminal gestartet werden.

(Translation: "su: Needs to be started from a terminal")



Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Wed, 07 Dec 2016 21:27:06 GMT).


Acknowledgement sent to Andreas Beckmann <anbe@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Wed, 07 Dec 2016 21:27:06 GMT).


Message #42 received at 841257@bugs.debian.org:

From: Andreas Beckmann <anbe@debian.org>
To: Axel 'the C.L.A.' Müller <cla@vorsicht-bissig.de>, 841257@bugs.debian.org
Subject: Re: Bug#841257: fixed in sendmail 8.15.2-7
Date: Wed, 7 Dec 2016 22:24:22 +0100

On 2016-12-07 17:12, Axel 'the C.L.A.' Müller wrote:
> Seems this change now causes cron to spam like:
> 
> From: root@e560 (Cron Daemon)
> To: root@e560
> Subject: Cron <smmsp@e560> test -x /etc/init.d/sendmail && test
> -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail
> && /usr/share/sendmail/sendmail cron-msp
> 
> su: Muss von einem Terminal gestartet werden.
> 
> (Translation: "su: Needs to be started from a terminal")
> 

can you try to replace the touch_stamp() method in
/usr/share/sendmail/sendmail with this:


touch_stamp() {
        if [ "$(id -nu)" = "smmsp" ]; then
                touch "$1"
        else
                su smmsp -s /bin/sh -c "touch '$1'"
        fi
}


That should work at least for the smmsp cronjob ...


Andreas
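
An added example, not part of the bug thread or the sendmail package: a POSIX sh audit of a stamp directory for the symlinks the report describes, plus a touch wrapper that refuses symlinks before applying the same privilege drop as the function above. The names `audit_stampdir`, `guarded_touch` and `STAMP_USER` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the sendmail package.
# audit_stampdir, guarded_touch and STAMP_USER are hypothetical names.

STAMP_USER=${STAMP_USER:-smmsp}   # account that should own the stamp files

# List entries of DIR that a privileged "touch" should never trust:
# symlinks (dangling or not) and anything that is not a regular file.
# Returns 0 when the directory is clean, 1 otherwise.
audit_stampdir() {
    dir=$1
    findings=0
    for entry in "$dir"/* "$dir"/.[!.]*; do
        # An unmatched glob stays literal: skip names that do not exist.
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        if [ -L "$entry" ]; then
            printf 'SYMLINK %s -> %s\n' "$entry" "$(readlink "$entry")"
            findings=1
        elif [ ! -f "$entry" ]; then
            printf 'NOT-REGULAR %s\n' "$entry"
            findings=1
        fi
    done
    return "$findings"
}

# Touch a stamp file only when it is not a symlink, and never as root:
# touch directly when already STAMP_USER, otherwise drop to it with the
# same su form used in the thread. The -L test alone is racy; running the
# touch without root privileges is what bounds the damage.
guarded_touch() {
    stamp=$1
    if [ -L "$stamp" ]; then
        printf 'refusing to touch symlink %s\n' "$stamp" >&2
        return 1
    fi
    if [ "$(id -nu)" = "$STAMP_USER" ]; then
        touch -- "$stamp"
    else
        su "$STAMP_USER" -s /bin/sh -c "touch '$stamp'"
    fi
}
```

Running `audit_stampdir /var/run/sendmail/stampdir` before a restart shows whether anything in the group-writable directory points elsewhere.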



Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Thu, 08 Dec 2016 15:51:03 GMT).


Acknowledgement sent to "Axel 'the C.L.A.' Müller" <cla@vorsicht-bissig.de>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Thu, 08 Dec 2016 15:51:03 GMT).


Message #47 received at 841257@bugs.debian.org:

From: "Axel 'the C.L.A.' Müller" <cla@vorsicht-bissig.de>
To: Andreas Beckmann <anbe@debian.org>, 841257@bugs.debian.org
Subject: Re: Bug#841257: fixed in sendmail 8.15.2-7
Date: Thu, 8 Dec 2016 16:46:25 +0100

On Wed, 7 Dec 2016 22:24:22 +0100
Andreas Beckmann <anbe@debian.org> wrote:

> On 2016-12-07 17:12, Axel 'the C.L.A.' Müller wrote:
> > Seems this change now causes cron to spam like:
> > 
> > From: root@e560 (Cron Daemon)
> > To: root@e560
> > Subject: Cron <smmsp@e560> test -x /etc/init.d/sendmail && test
> > -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail
> > && /usr/share/sendmail/sendmail cron-msp
> > 
> > su: Muss von einem Terminal gestartet werden.
> > 
> > (Translation: "su: Needs to be started from a terminal")
> > 
> 
> can you try to replace the touch_stamp() method in
> /usr/share/sendmail/sendmail with this:
> 
> 
> touch_stamp() {
>         if [ "$(id -nu)" = "smmsp" ]; then
>                 touch "$1"
>         else
>                 su smmsp -s /bin/sh -c "touch '$1'"
>         fi
> }
> 
> 
> That should work at least for the smmsp cronjob ...
> 
> 
> Andreas

Seems to work fine - at least I'm not getting those mails anymore.
Thx. :)



Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Thu, 08 Dec 2016 18:12:30 GMT).


Acknowledgement sent to Andreas Beckmann <anbe@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Thu, 08 Dec 2016 18:12:30 GMT).


Message #52 received at 841257@bugs.debian.org:

From: Andreas Beckmann <anbe@debian.org>
To: Axel 'the C.L.A.' Müller <cla@vorsicht-bissig.de>, 841257@bugs.debian.org
Subject: Re: Bug#841257: fixed in sendmail 8.15.2-7
Date: Thu, 8 Dec 2016 19:11:27 +0100

On 2016-12-08 16:46, Axel 'the C.L.A.' Müller wrote:
> Seems to work fine - at least I'm not getting those mails anymore.

I've now implemented a different way to acquire lockfiles for the
cronjobs, let's hope that does work as well. Just uploaded to unstable.


Andreas




Information forwarded to debian-bugs-dist@lists.debian.org, Debian QA Group <packages@qa.debian.org>:
Bug#841257; Package sendmail. (Sat, 14 Jan 2017 00:06:06 GMT).


Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Debian QA Group <packages@qa.debian.org>. (Sat, 14 Jan 2017 00:06:06 GMT).


Message #57 received at 841257@bugs.debian.org:

From: Moritz Mühlenhoff <jmm@inutil.org>
To: Andreas Beckmann <anbe@debian.org>
Cc: Axel 'the C.L.A.' Müller <cla@vorsicht-bissig.de>, 841257@bugs.debian.org, carnil@debian.org
Subject: Re: Bug#841257: fixed in sendmail 8.15.2-7
Date: Sat, 14 Jan 2017 01:03:17 +0100

On Thu, Dec 08, 2016 at 07:11:27PM +0100, Andreas Beckmann wrote:
> On 2016-12-08 16:46, Axel 'the C.L.A.' Müller wrote:
> > Seems to work fine - at least I'm not getting those mails anymore.
> 
> I've now implemented a different way to acquire lockfiles for the
> cronjobs, let's hope that does work as well. Just uploaded to unstable.

Since this has settled a bit in unstable, could you also fix this
for the next jessie point release?

Cheers,
        Moritz



Marked as found in versions sendmail/8.14.4-4+deb7u1. Request was from Andreas Beckmann <anbe@debian.org> to control@bugs.debian.org. (Mon, 16 Jan 2017 14:42:05 GMT).


Reply sent to Andreas Beckmann <anbe@debian.org>:
You have taken responsibility. (Sun, 12 Feb 2017 22:51:14 GMT).


Notification sent to Paul Szabo <paul.szabo@sydney.edu.au>:
Bug acknowledged by developer. (Sun, 12 Feb 2017 22:51:14 GMT).


Message #64 received at 841257-close@bugs.debian.org:

From: Andreas Beckmann <anbe@debian.org>
To: 841257-close@bugs.debian.org
Subject: Bug#841257: fixed in sendmail 8.14.4-8+deb8u2
Date: Sun, 12 Feb 2017 22:47:11 +0000

Source: sendmail
Source-Version: 8.14.4-8+deb8u2

We believe that the bug you reported is fixed in the latest version of
sendmail, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 841257@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <anbe@debian.org> (supplier of updated sendmail package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Mon, 06 Feb 2017 00:16:03 +0100
Source: sendmail
Binary: sendmail-bin rmail sensible-mda libmilter1.0.1 libmilter1.0.1-dbg libmilter-dev sendmail-doc sendmail sendmail-base sendmail-cf
Architecture: source all
Version: 8.14.4-8+deb8u2
Distribution: jessie
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Description:
 libmilter-dev - Sendmail Mail Filter API (Milter) (development files)
 libmilter1.0.1 - Sendmail Mail Filter API (Milter)
 libmilter1.0.1-dbg - Sendmail Mail Filter API (Milter) (debug symbols)
 rmail      - MTA->UUCP remote mail handler
 sendmail   - powerful, efficient, and scalable Mail Transport Agent (metapacka
 sendmail-base - powerful, efficient, and scalable Mail Transport Agent (arch inde
 sendmail-bin - powerful, efficient, and scalable Mail Transport Agent
 sendmail-cf - powerful, efficient, and scalable Mail Transport Agent (config ma
 sendmail-doc - powerful, efficient, and scalable Mail Transport Agent (documenta
 sensible-mda - Mail Delivery Agent wrapper
Closes: 841257
Changes:
 sendmail (8.14.4-8+deb8u2) jessie; urgency=medium
 .
   * QA upload.
   * Only touch files as smmsp:smmsp in /var/run/sendmail/stampdir (writable by
     group smmsp) to avoid possible privilege escalation.  (Closes: #841257)
   * Use lockfile-create (from lockfile-progs) instead of touch to manage the
     cronjob lockfiles.
   * sendmail-base: Add Depends: netbase for /etc/services.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 07 May 2017 07:29:20 GMT).


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Oct 11 11:38:24 2017; Machine Name: beach
