Date: Fri, 18 Aug 1995 04:58:51 +0100 From: Gary Palmer <gary@palmer.demon.co.uk> To: ywliu@beta.wsl.sinica.edu.tw Cc: freebsd-security@freebsd.org Subject: Re: (fwd) CERT Advisory CA-95:08 - Sendmail v.5 Vulnerability Message-ID: <8627.808718331@palmer.demon.co.uk> In-Reply-To: Your message of "Fri, 18 Aug 1995 09:56:21 %2B0800." <199508180207.TAA23558@freefall.FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199508180207.TAA23558@freefall.FreeBSD.org>, ywliu@beta.wsl.sinica. edu.tw writes: >I just wonder I am using 2.05R, do I need to switch to sendmail 8.6.12 ? FreeBSD 2.0.5 or later will not be vunerable to the described attack, as it ships with sendmail 8.6.11 or later (which, according to the CERT posting, are `safe' versions). If you are particularly paranoid, you can grab sendmail 8.6.12 from ftp://ftp.cs.berkeley.edu/pub/src/sendmail (I think). It should compile under FreeBSD without trouble (I've done it before a couple of times). Alternatively, 8.6.12 is also in the -current FreeBSD source tree, available from all good SUP servers and FTP mirrors. Gary
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8627.808718331>