Download: http://www.courier-mta.org/download.php
This is an errata release to 0.50 that fixes a bug in SPF checking code. Soft DNS failures weren't handled properly when looking up SPF records. Potential memory corruption.
As an alternative to downloading and building a new tarball, existing installations will find it easier to apply the following patch:
Index: rfc1035/spf.c
===================================================================
RCS file: /cvsroot/courier/libs/rfc1035/spf.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -U3 -r1.6 -r1.7
--- rfc1035/spf.c 24 Jun 2005 17:47:33 -0000 1.6
+++ rfc1035/spf.c 3 Jul 2005 02:31:38 -0000 1.7
@@ -24,7 +24,7 @@
#endif
#endif
-static const char rcsid[]="$Id: spf.c,v 1.6 2005/06/24 17:47:33 mrsam Exp $";
+static const char rcsid[]="$Id: spf.c,v 1.7 2005/07/03 02:31:38 mrsam Exp $";
static void set_err_msg(char *errmsg_buf,
size_t errmsg_buf_size,
@@ -771,7 +771,7 @@
free(domain_spec);
- if (rc < 0)
+ if (rc != 0)
{
set_err_msg(info->errmsg_buf, info->errmsg_buf_size,
"IP address lookup failed.\n");
pgph9YaIG6UmL.pgp
Description: PGP signature
