Date: Sat, 25 Mar 2006 10:02:04 +0200 From: Yaroslav Shvets <freebsd@syskit.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail Message-ID: <17539855459.20060325100204@syskit.com> In-Reply-To: <20060324125628.GA63626@ip.net.ua> References: <200603221611.k2MGBV21010114@freefall.freebsd.org> <20060323103739.X90993@atlantis.atlantis.dp.ua> <20060324125628.GA63626@ip.net.ua>
index | next in thread | previous in thread | raw e-mail
Hello Ruslan, Friday, March 24, 2006, 2:56:28 PM, you wrote: >> This doesn't change sendmail's identification string - it's still "8.13.1" >> on RELENG_4_11, which makes detection of unpatched systems more difficult >> to sysadmin. Wouldn't be wise to add, say, "-p1" to this string in >> version.c? RE> It depends on what you think about whether it's good or not RE> that it's undetectable. I prefer it to be not-detectable. After update I have seen version numbers (8.13.1 for RELENG_4_11 and 8.13.4 for RELENG_6_0). Got check for the safe version on sendmail.org - 8.13.6 and ... rebuilt new sendmail again manually. Some people have decided, that there was a mistake. IMHO, it was necessary to fix version numbers. Everyone know, how it to hide. -- Best regards, Yaroslav Shvets mailto: freebsd@syskit.com icq: 105666home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17539855459.20060325100204>