Sendmail vulnerability
Mike Tancsa
mike at sentex.net
Wed Sep 17 10:43:18 PDT 2003
Looks like they have released http://www.sendmail.org/8.12.10.html
Are their plans to import/mfc this into stable ? No doubt a busy day for
the Sendmail folk as well :-(
---Mike
At 12:21 PM 17/09/2003, Jacques A. Vidrine wrote:
>You've probably already seen the latest sendmail vulnerability.
>
>http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html
>
>I believe you can apply the following patch to any of the security
>branches:
>
>http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18
>
>Download the patch and:
>
> # cd /usr/src
> # patch -p1 < /path/to/patch
> # cd /usr/src/usr.sbin/sendmail
> # make obj && make depend && make && make install
>
>
>Official advisory will go out later today.
>
>Cheers,
>--
>Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
>nectar at celabo.org . jvidrine at verio.net . nectar at freebsd.org . nectar at kth.se
>_______________________________________________
>freebsd-security at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list