Friday 19th September 2008
Local Packages
Updated libpng10 to 1.0.40
In mid-June I tracked down some SELinux denials during mail delivery to a leaked socket descriptor in libmilter (part of sendmail). I was still getting a small number of similar denials and today I tracked them down to the fact that the other end of the same socket connection (this time in the main sendmail dæmon itself) didn't set the close-on-exec flag either, and that descriptor would leak into the local delivery process. I hacked together a patch, included in my sendmail-8.14.3-1.4.CF package, and that cleared up the SELinux denials. I sent the patch upstream (as I did in June) and hopefully the issue will be addressed in the next upstream release, whenever that is (the previous patch wasn't seen as a severe issue and I doubt that this one will be either).
Fedora Project
Updated libpng10 to 1.0.40 in Rawhide