From owner-freebsd-questions Tue Mar 4 4:16:43 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EB84137B401; Tue, 4 Mar 2003 04:16:40 -0800 (PST) Received: from fat_man.ascendency.net (12-211-152-75.client.attbi.com [12.211.152.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8FB443FBD; Tue, 4 Mar 2003 04:16:39 -0800 (PST) (envelope-from mike@ascendency.net) Received: from mike (user-119bct7.biz.mindspring.com [66.149.179.167]) (authenticated) by fat_man.ascendency.net (8.11.6/8.11.6) with ESMTP id h24CGZK88390; Tue, 4 Mar 2003 06:16:36 -0600 (CST) (envelope-from mike@ascendency.net) Reply-To: From: "Mike Loiterman" To: "'Matthew Seaman'" , "'Giorgos Keramidas'" Cc: Subject: RE: Sendmail patch questions... Date: Tue, 4 Mar 2003 06:14:49 -0600 Message-ID: <005f01c2e247$aa08e420$0301a8c0@mike> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 In-Reply-To: <20030304082026.GB6551@happy-idiot-talk.infracaninophi> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG =20 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday, March 04, 2003 2:20 AM Matthew Seaman = wrote: > On Tue, Mar 04, 2003 at 04:22:49AM +0200, Giorgos Keramidas wrote: >=20 >> PS: You can always upgrade to RELENG_4. Gregory Neil Shapiro, the >> maintainer of Sendmail on FreeBSD, has already merged the latest >> Sendmail version (8.12.8) to the RELENG_4 branch. >=20 > Actually, according to what I can see in a quick trawl through cvsweb, > he's MFC'd sendmail patches on all RELENG_x and RELENG_x_y branches > back to and including RELENG_3: >=20 > =20 > = http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/sendmail/src/?sortby=3D= date&only_with_tag=3DRELENG_3 >=20 > However, it seems that his modifications don't constitute a complete > upgrade to sendmail-8.12.8 except on RELENG_4 and HEAD. Hence the > confusion over the binary updates given in the original security > alert. Your sendmail binary will be immune to this attack if you've > built it out of a recently cvsup'd source tree or installed one of the > binary patches so that: >=20 > -- you're running sendmail-8.12.8 or better >=20 > or >=20 > -- the string 'Dropped invalid comments from header address' > appears in the sendmail binary. >=20 > Thanks to Claus Assmann for pointing out the second test. >=20 > Cheers, >=20 > Matthew Thanks Matt. Few questions though: 1. What is `BP'? 2. I appllied the patch and now I'm building world with my exsisting = 4.4 sources. Is this not `safe' as cvsuping and then buidling world? = I'm not sure I understand the implications of not cvsuping, especially = since the patch has been applied to 8.11.6 in the 4.4 branch. - ------------------------------------------- Randomly Generated Quote: A free society is one where it's safe to be unpopular. --Adlai E. Stevenson Mike Loiterman PGP Key 0xD1B9D18E http://www.ascendency.net -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 Comment: This message has been digitally signed by Mike Loiterman iQA/AwUBPmSYuGjZbUnRudGOEQJWPgCgvbrt9oAX6RJy/T4kHvX+aP+8v9AAnRDu mQLlUgh4bGNv8SB8ormwrzq9 =3D3Qur -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message