From owner-freebsd-security Sat Jan 22 9: 2:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from sand2.sentex.ca (sand2.sentex.ca [209.167.248.3]) by hub.freebsd.org (Postfix) with ESMTP id F1ECE14CAE for ; Sat, 22 Jan 2000 09:02:45 -0800 (PST) (envelope-from mike@sentex.net) Received: from p10 (ospf-mdt.sentex.net [205.211.164.81]) by sand2.sentex.ca (8.9.3/8.9.3) with SMTP id MAA81647 for ; Sat, 22 Jan 2000 12:02:40 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <4.1.20000122115759.0091adc0@granite.sentex.ca> X-Sender: mdtancsa@granite.sentex.ca X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sat, 22 Jan 2000 12:01:20 -0500 To: freebsd-security@freebsd.org From: Mike Tancsa Subject: Majordomo - ports or new version Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The AUScert advisory mentions that > The vendors of majordomo have produced a minor software release which > addresses the vulnerability in versions 1.94.4 and earlier. Sites using > affected versions should immediately upgrade to majordomo 1.94.5 which > is available from: > > ftp://ftp.greatcircle.com/pub/majordomo/1.94.5/majordomo-1.94.5.tgz > ftp://ftp.sgi.com/other/majordomo/majordomo-1.94.5.tgz I know in the ports there are patches against .4 to address this issue, but does anyone have any reccomendations on which to use ? .4 patches out of the ports, or .5 direct from greatcircle ? ---Mike ********************************************************************** Mike Tancsa * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 519 651 3400 Canada * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message