From owner-freebsd-security Tue Mar 4 6:36:10 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E360937B401 for ; Tue, 4 Mar 2003 06:36:06 -0800 (PST) Received: from spxgate.servplex.com (ip66-105-58-82.z58-105-66.customer.algx.net [66.105.58.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id D903C43F75 for ; Tue, 4 Mar 2003 06:36:05 -0800 (PST) (envelope-from peter@servplex.com) Received: from peter.servplex.com ([192.168.0.96]) by spxgate.servplex.com (8.12.6/8.12.6) with ESMTP id h24EkiMe063777; Tue, 4 Mar 2003 08:46:44 -0600 (CST) (envelope-from peter@servplex.com) Message-Id: <5.2.0.9.2.20030304083444.01b72bd8@mail.servplex.com> X-Sender: peter@mail.servplex.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Tue, 04 Mar 2003 08:36:18 -0600 To: hans@nyphp.org From: Peter Elsner Subject: Re: SA-03:04.sendmail Bin Update Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <20030304022901.70698.qmail@web12806.mail.yahoo.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Step by step instructions ftp sendmail.org login anonymously cd pub/sendmail get sendmail-8.12.8.tar.gz quit tar xvzf sendmail-8.12.8.tar.gz cd sendmail-8.12.8 ./Build ./Build install kill -1 (SIGHUP) sendmail You're now upgraded.... At 06:29 PM 3/3/2003 -0800, you wrote: >--- Chris McCluskey wrote: > > > > Ok... > > > > Here's what I show: > > > > namehere# telnet namehere 25 > > Trying 192.x.y.z... > > Connected to namehere.digitaldeck.com. > > Escape character is '^]'. > > 220 namehere.digitaldeck.com ESMTP Sendmail 8.12.6/8.12.6; Mon, 3 Mar > > 2003 16:22:53 -0800 (PST) > > > > namehere# strings sendmail-4.7-i386-nocrypto.bin |grep 8.12 > > @(#)$Id: safefile.c,v 8.124 2002/05/24 20:50:15 gshapiro Exp $ > > 8.12.6 > > > > I have been tracking RELENG_4_7 and it looks like 4.12.6 to me. So > > again, I want to make sure that this version of Sendmail has been > > patched. What's the best verification procedure to insure that the > > patched version is online? > >I'm in the exact same situation. I replaced the sendmail binary but it shows >the same sig as before. While I have great confidence in the FreeBSD team, >is there some way I can validate everything is kosher? > >Hans > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message ---------------------------------------------------------------------------------------------------------- Peter Elsner Vice President Of Customer Service (And System Administrator) 1835 S. Carrier Parkway Grand Prairie, Texas 75051 (972) 263-2080 - Voice (972) 263-2082 - Fax (972) 489-4838 - Cell Phone (425) 988-8061 - eFax I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say "Daddy, where were you when they took freedom of the press away from the Internet?" -- Mike Godwin Unix IS user friendly... It's just selective about who its friends are. System Administration - It's a dirty job, but somebody said I had to do it. If you receive something that says 'Send this to everyone you know, pretend you don't know me. Standard $500/message proofreading fee applies for UCE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message