Sendmail Vulnerability: critical

James Gray james at
Thu Mar 23 22:02:48 GMT 2006

On Thu, 23 Mar 2006 09:38 pm, Will McDonald wrote:
> On 22/03/06, Stephen Swaney <steve.swaney at> wrote:
> > Ugo,
> >
> >  Right now we can only update red hat systems that are registered to run
> > up2date.
> >
> > I'll leep and eye out for the CentOS patches and I'll build a new
> > sendmail-8.13.6 rpms for The 3.0 systems we've updated to
> > sendmail-8.13.x.
> CentOS users, check which mirror your using/syncing from. We've been
> using Sunsite UK, checking for updates today I noticed they're still
> on CentOS4.2 and don't have the Sendmail updates.
> had CentOS 4.3 and the latest updates.

Given that CentOS is derived from RHEL, I thought I'd mention that RHEL only 
got updates about 12 hours ago for Sendmail (notified via RedHat Network - 
RHN).  It may take a little longer to filter through the CentOS mirrors.

Also the 8.13.6 srpm I compiled yesterday for CentOS 4.3 has performed without 
a hitch - including milter-greylist.  Just in case anyone is interested.


Sex, Drugs & Linux Rules
	-- MaDsen Wikholm, mwikholm at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the MailScanner mailing list