Sendmail Vulnerability: critical

James Gray james at
Thu Mar 23 06:24:01 GMT 2006

On Thu, 23 Mar 2006 06:51, Rob Poe wrote:
> I ran a yum update, got the new sendmail rpms (and 4.3, i think too for
> our 4.3 boxen) .. looks like centos was right on it..

Hmm, I ran the same update here and here's what RPM reports:

rpm -qa|grep sendmail ; uname -a ; cat /etc/redhat-release
Linux 2.6.9-34.EL #1 Wed Mar 8 00:07:35 CST 2006 i686 i686 
i386 GNU/Linux
CentOS release 4.3 (Final)

Seems CentOS 4.3 is still on Sendmail 8.13.1.  No idea if the 8.13.6 patch 
has been back-ported though.

Still the SRPM from here:

Does compile on CentOS 4.3.  Just did it :)



-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the MailScanner mailing list