From owner-freebsd-questions Mon Mar 3 17:11:29 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51CB337B401 for ; Mon, 3 Mar 2003 17:11:28 -0800 (PST) Received: from mired.org (ip68-97-54-220.ok.ok.cox.net [68.97.54.220]) by mx1.FreeBSD.org (Postfix) with SMTP id 36E9C43FA3 for ; Mon, 3 Mar 2003 17:11:27 -0800 (PST) (envelope-from mwm-dated-1047172285.70e9d4@mired.org) Received: (qmail 24546 invoked from network); 4 Mar 2003 01:11:25 -0000 Received: from localhost.mired.org (HELO guru.mired.org) (127.0.0.1) by localhost.mired.org with SMTP; 4 Mar 2003 01:11:25 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15971.64828.928573.787891@guru.mired.org> Date: Mon, 3 Mar 2003 19:11:24 -0600 To: Kris Kennaway Cc: Oscar Ricardo Silva , freebsd-questions@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail In-Reply-To: <20030303224113.GC73696@rot13.obsecurity.org> References: <200303031711.h23HBbVf059406@freefall.freebsd.org> <5.1.0.14.2.20030303155440.01a87a80@scuff.cc.utexas.edu> <20030303224113.GC73696@rot13.obsecurity.org> X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`; h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: Mike Meyer X-Delivery-Agent: TMDA/0.70 (Pensive) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In <20030303224113.GC73696@rot13.obsecurity.org>, Kris Kennaway typed: > On Mon, Mar 03, 2003 at 03:56:40PM -0600, Oscar Ricardo Silva wrote: > > Anybody know how we should approach this for older versions of FreeBSD? Is > > upgrading source and rebuilding the only way? I was wondering if there > > were binary versions or patches for older versions so we don't have > > upgrade, rebuild and reboot. > What you see in the advisory is all that is provided by FreeBSD. If > you're on an older release, it's not supported any longer and you need > to figure out how to fix it on your own. That may involve upgrading > to a supported release, or manually fixing the problem described in > the advisory. In this case you can probably disable the base system > sendmail and use the sendmail port. Or the postfix port, or the qmail port, or the exim port. At least two of those three have had zero security problems, and it's probably true for all three of them. http://www.mired.org/consulting.html Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message