From c6ddbd2a75859c46dca674d105cc1f16d5383db6 Mon Sep 17 00:00:00 2001
From: xinghe <xinghe2@h-partners.com>
Date: Tue, 13 Dec 2022 11:37:28 +0000
Subject: [PATCH] fix sendmail.pem unsafe

(cherry picked from commit 8696486ee6d8ad7db2798a51f84751be9b1a97f4)
---
 sendmail.spec | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sendmail.spec b/sendmail.spec
index cd7a897..54fff6a 100644
--- a/sendmail.spec
+++ b/sendmail.spec
@@ -1,6 +1,6 @@
 Name:          sendmail
 Version:       8.17.1
-Release:       5
+Release:       6
 Summary:       A classic mail transfer agent from the Unix world
 License:       Sendmail
 URL:           http://www.sendmail.org/
@@ -344,7 +344,7 @@ if [ ! -f %{_sysconfdir}/pki/tls/certs/sendmail.pem ]; then
     %{_bindir}/openssl req -new -key %{_sysconfdir}/pki/tls/private/sendmail.key -x509 -sha256 \
         -days 365 -set_serial $RANDOM -out %{_sysconfdir}/pki/tls/certs/sendmail.pem \
         -subj "/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=${FQDN}/emailAddress=root@${FQDN}"
-    chmod 644 %{_sysconfdir}/pki/tls/certs/sendmail.pem
+    chmod 600 %{_sysconfdir}/pki/tls/certs/sendmail.pem
 fi
 
 exit 0
@@ -467,6 +467,12 @@ exit 0
 
 
 %changelog
+* Tue Dec 13 2022 xinghe <xinghe2@h-partners.com> - 8.17.1-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: fix sendmail.pem unsafe
+
 * Wed Oct 12 2022 yanglu<yanglu72@h-partners.com> - 8.17.1-5
 - Type:bugfix
 - ID:NA
-- 
Gitee