Date: Thu, 12 Oct 1995 13:11:04 +0100 (BST) From: Karl Strickland <karl@bagpuss.demon.co.uk> To: Dima Ruban <dima@freebsd.org> Cc: roberto@keltia.freenix.fr, pete@puffin.pelican.com, julian@ref.tfs.com, hackers@freebsd.org Subject: Re: TCP/IP Spoofing etc. Message-ID: <199510121211.NAA21217@bagpuss.demon.co.uk> In-Reply-To: <199510110046.RAA13618@freefall.freebsd.org> from "Dima Ruban" at Oct 10, 95 05:46:37 pm
next in thread | previous in thread | raw e-mail | index | archive | help
>
> Ollivier Robert writes:
> >
> > It seems that Pete Carah said:
> > > The latest cert report was a summary of the 'announced' bugs which are
> > > still outstanding on popular systems... I don't know which ones we are
> > > susceptible to; we are using the latest (or next-latest) sendmail which
> > > has plugged many of them.
> >
> > Speaking of sendmail, can we import 8.7.1 in -CURRENT ?
>
> 8.7.1 has a bit different sendmail.cf ....
I would suggest waiting a while before importing sendmail 8.7.x. Apparently
an awful lot of code has changed or been-added since 8.6.12, and as far as I
know, nobody has performed a security audit on the 8.7.1 code yet.
Unless there are compelling reasons to go to 8.7.1 now, I would say 'better
with the devil you know', at least for the time being.
--
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD | Karl Strickland
PGP 2.3a Public Key Available. | Internet: karl@bagpuss.demon.co.uk
|
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199510121211.NAA21217>