Date: Thu, 03 Apr 1997 17:10:49 -0500 From: "Gary Palmer" <gpalmer@freebsd.org> To: freebsd-isp@freebsd.org Cc: freebsd-security@freebsd.org Subject: Another INND security hole. Message-ID: <13819.860105449@orion.webspan.net>
next in thread | raw e-mail | index | archive | help
Hope I'm not out of line forwarding this before the CERT advisory... It's probably all over bugtraq already tho. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info ------- Forwarded Message From: owner-inn-announce@vix.com Message-Id: <199704032026.MAA17781@gw.home.vix.com> Sender: owner-inn-announce@vix.com Precedence: bulk You heard it here first (CERT will be making an announcement shortly). There's another problem in INN. This time all versions. It's actually more of a problem with UCB Mail, and if you don't use UCB Mail as the _PATH_MAILCMD definition in your config.data, then you're not affected, but I suggest doing the fix anyway.... There's a new patch (to the same script as the previous security announcement) in ftp://ftp.isc.org/isc/inn/patches/security-patch.04 NOTE. If you are running a version older than 1.5.1, then you *must* first apply the appropriate patch mentioned previously here and in the CERT announcement of about 6 weeks ago (i.e. one of security-patch.01, security-patch.02 or security-patch.03) The web page http://www.isc.org has a section on the new security issue, and part on how to install the patch, if you don't know what to do. James - -- James Brister brister@vix.com Internet Software Consortium http://www.isc.org inn@isc.org ------- End of Forwarded Message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13819.860105449>