Sendmail Vulnerability: critical
cstone at axint.net
Thu Mar 23 22:37:13 GMT 2006
> I'm in the same position, Dave. My current (but soon to be replaced)
> server is running RH9. I just installed the legacy yum (thanks Matt
> Kettler for pointing this out) but on running yum update I find I've a list
> of 85 updates which I'm loathe to install on a live server unless they're
> absolutely critical - see http://www.secondarymail.net/updates.txt for the
> list yum presented to me.
> I reckon my best option is to wait for the updated Sendmail to be put on
> http://download.fedoralegacy.org/redhat/9/updates/i386/ and use the "yum
> install <packagename>" option to install just the updated Sendmail.
I just updated a RH9 system using the 8.13.6 RPMs from
http://www.city-fan.org/ftp/contrib/mail/?C=N;O=A. And this was one that had
the sendmail 8.12.x installed and then 8.13.3 installed top of it compiled
from source. Didn't want to recompile from source for this one so just used
the RPM from city-fan and ran it with rpm -Uvh and it's working fine.
More information about the MailScanner