Date: Wed, 17 Sep 2003 11:21:18 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: freebsd-security@freebsd.org Subject: Sendmail vulnerability Message-ID: <20030917162118.GB4838@madman.celabo.org>
next in thread | raw e-mail | index | archive | help
You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch # cd /usr/src/usr.sbin/sendmail # make obj && make depend && make && make install Official advisory will go out later today. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030917162118.GB4838>