From owner-freebsd-security Wed Mar 5 5:43:53 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE19C37B401 for ; Wed, 5 Mar 2003 05:43:50 -0800 (PST) Received: from www.unsam.edu.ar (ns2.unsam.edu.ar [170.210.48.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id D874743FB1 for ; Wed, 5 Mar 2003 05:43:47 -0800 (PST) (envelope-from fernan@pi.iib.unsam.edu.ar) Received: from pi.iib.unsam.edu.ar (pi.iib.unsam.edu.ar [192.168.10.11]) by www.unsam.edu.ar (8.9.3/8.9.3) with ESMTP id KAA31776 for ; Wed, 5 Mar 2003 10:43:45 -0300 (ART) (envelope-from fernan@pi.iib.unsam.edu.ar) Received: from pi.iib.unsam.edu.ar (localhost.iib.unsam.edu.ar [127.0.0.1]) by pi.iib.unsam.edu.ar (8.12.8/8.12.7) with ESMTP id h25DhWpf019846 for ; Wed, 5 Mar 2003 10:43:33 -0300 (ART) (envelope-from fernan@pi.iib.unsam.edu.ar) Received: (from fernan@localhost) by pi.iib.unsam.edu.ar (8.12.8/8.12.7/Submit) id h25DhWLu019845 for freebsd-security@freebsd.org; Wed, 5 Mar 2003 10:43:32 -0300 (ART) Date: Wed, 5 Mar 2003 10:43:32 -0300 From: Fernan Aguero To: FreeBSD Security Subject: is my sendmail OK? (Was: Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail [REVISED]) Message-ID: <20030305134332.GA12578@iib.unsam.edu.ar> Mail-Followup-To: FreeBSD Security References: <200303041803.h24I3RUO030333@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200303041803.h24I3RUO030333@freefall.freebsd.org> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org +----[ (04.Mar.2003 15:19): | | 2) To patch your present system: | | The following patch has been verified to apply to FreeBSD 5.0, 4.7, | and 4.6 systems. | | a) Download the relevant patch from the location below, and verify the | detached PGP signature using your PGP utility. | | ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:04/sendmail.patch | ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:04/sendmail.patch.asc | | b) Execute the following commands as root: | | # cd /usr/src | # patch < /path/to/patch I already cvsupped my sources yesterday evening (GMT-03), when trying to apply the patch, it said that: Patching file contrib/sendmail/src/daemon.c using Plan A... Reversed (or previously applied) patch detected! Assume -R? [y] So, may I assume that the source contained the patch? I then went on to the following, | # cd /usr/src/lib/libsm | # make obj && make depend && make | # cd /usr/src/lib/libsmutil | # make obj && make depend && make | # cd /usr/src/usr.sbin/sendmail | # make obj && make depend && make && make install no problems here. So i restarted sendmail, | c) Restart sendmail. Execute the following command as root. | | # /bin/sh /etc/rc.sendmail restart but then strings /usr/sbin/sendmail | grep Dropped produces no output. My system: FreeBSD pi.iib.unsam.edu.ar 4.8-RC FreeBSD 4.8-RC #0: Mon Mar 3 11:44:37 ART 2003 fernan@pi.iib.unsam.edu.ar:/usr/obj/usr/src/sys/PI i386 My sendmail (after the update): 220 pi.iib.unsam.edu.ar ESMTP Sendmail 8.12.8/8.12.7; Wed, 5 Mar 2003 10:40:00 -0300 (ART) | +----] -- F e r n a n A g u e r o http://genoma.unsam.edu.ar/~fernan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message