Sendmail Vulnerability: critical
shrek-m at gmx.de
shrek-m at gmx.de
Thu Mar 23 06:41:24 GMT 2006
On 23.03.2006 07:24, James Gray wrote:
>On Thu, 23 Mar 2006 06:51, Rob Poe wrote:
>
>
>>I ran a yum update, got the new sendmail rpms (and 4.3, i think too for
>>our 4.3 boxen) .. looks like centos was right on it..
>>
>>
>
>Hmm, I ran the same update here and here's what RPM reports:
>
>rpm -qa|grep sendmail ; uname -a ; cat /etc/redhat-release
>sendmail-devel-8.13.1-2
>sendmail-8.13.1-2
>sendmail-cf-8.13.1-2
>Linux clacks.ocs.au.com 2.6.9-34.EL #1 Wed Mar 8 00:07:35 CST 2006 i686 i686
>i386 GNU/Linux
>CentOS release 4.3 (Final)
>
>Seems CentOS 4.3 is still on Sendmail 8.13.1. No idea if the 8.13.6 patch
>has been back-ported though.
>
>
`rpm -q --changelog` should tell you for what you are looking
eg.
--------
$ rpm -qp --changelog
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/i386//sendmail-8.13.6-0.FC4.1.i386.rpm
| head
* Mi Mär 22 2006 Thomas Woerner <twoerner at redhat.com> 8.13.6-0.FC4.1
- new version 8.13.6 (fixes VU#834865)
- dropped libmilter-sigwait patch (fixed in 8.13.6)
- fixed selinuxenabled path in initscript
- appended 'dnl' to cert tags in sendmail.mc
- fixed email address in changelog
* Sa Mai 07 2005 Thomas Woerner <twoerner at redhat.com> 8.13.4-2
--------
>Still the SRPM from here:
>ftp://linux-kernel.at/packages/lkernAT/SRPMS/sendmail-8.13.6-1.src.rpm
>
>Does compile on CentOS 4.3. Just did it :)
>
>
--
shrek-m
More information about the MailScanner
mailing list