Sendmail Vulnerability: critical

Matt Kettler mkettler at evi-inc.com
Wed Mar 22 20:48:14 GMT 2006


shrek-m at gmx.de wrote:
> On 22.03.2006 20:23, Dave wrote:
> 
>> I'm extremely concerned about this sendmail vulnerability, i've heard
>> of it now through this forum and on a FreeBSD security list. The fbsd
>> boxes i'm not concerned with, we don't use sendmail on them, but on an
>> rh9, and two fc3 boxes we do use sendmail from rpm's along with
>> MailScanner. I did not set this up, and i am not a sendmail guru, and
>> i'm concerned that correcting this issue maybreak functionality for
>> customers. Any updated rpms i'd appreciate.
> 
> 
> for rhl9, fc3 you should know fedoralegacy
> http://fedoralegacy.org/updates/RH9/
> http://fedoralegacy.org/updates/FC3/
> 

Yep, although legacy packages for RH9 and FC3 have not yet been published.

However, that is where they'll be published.

It's also worth considering the legacy build of yum. It is pre-configured to get
packages from this repository.

To get it dig down into the correct processor platform and get the yum RPM from:

http://download.fedoralegacy.org/redhat/9/legacy-utils/
http://download.fedoralegacy.org/fedora/3/legacy-utils/


You'll also want to do an rpm --import on the key found at:

http://www.fedoralegacy.org/FEDORA-LEGACY-GPG-KEY


More information about the MailScanner mailing list