Date: Wed, 17 Sep 2003 13:46:14 -0400 From: Mike Tancsa <mike@sentex.net> To: "Jacques A. Vidrine" <nectar@freebsd.org>, freebsd-security@freebsd.org Cc: gshapiro@freebsd.org Subject: Re: Sendmail vulnerability Message-ID: <6.0.0.22.0.20030917134441.08ac86a8@209.112.4.2> In-Reply-To: <20030917162118.GB4838@madman.celabo.org> References: <20030917162118.GB4838@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Looks like they have released http://www.sendmail.org/8.12.10.html Are their plans to import/mfc this into stable ? No doubt a busy day for the Sendmail folk as well :-( ---Mike At 12:21 PM 17/09/2003, Jacques A. Vidrine wrote: >You've probably already seen the latest sendmail vulnerability. > >http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html > >I believe you can apply the following patch to any of the security >branches: > >http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 > >Download the patch and: > > # cd /usr/src > # patch -p1 < /path/to/patch > # cd /usr/src/usr.sbin/sendmail > # make obj && make depend && make && make install > > >Official advisory will go out later today. > >Cheers, >-- >Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal >nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.0.20030917134441.08ac86a8>