Sendmail Vulnerability: critical

bburns at bburns at
Fri Mar 24 02:53:47 GMT 2006

re: sendmail on older versions of RedHat

Did anyone try the old "errata" trick?

1) install the sendmail source from a currently maintained version of

2) change the errata variable in the specfile as described here:

3)cd to the directory containing SPEC files and...
> rpmbuild -ba sendmail*.spec

4)cd to the directory that newly built RPMS reside in and...
> rpm -ivh sendmail*.rpm

I don't have an older RedHat that needs a sendmail update right now, but
I'm curious to hear if this method still works.


> On Thu, 23 Mar 2006 09:38 pm, Will McDonald wrote:
>> On 22/03/06, Stephen Swaney <steve.swaney at> wrote:
>> > Ugo,
>> >
>> >  Right now we can only update red hat systems that are registered to
>> run
>> > up2date.
>> >
>> > I'll leep and eye out for the CentOS patches and I'll build a new
>> > sendmail-8.13.6 rpms for The 3.0 systems we've updated to
>> > sendmail-8.13.x.
>> CentOS users, check which mirror your using/syncing from. We've been
>> using Sunsite UK, checking for updates today I noticed they're still
>> on CentOS4.2 and don't have the Sendmail updates.
>> had CentOS 4.3 and the latest updates.
> Given that CentOS is derived from RHEL, I thought I'd mention that RHEL
> only
> got updates about 12 hours ago for Sendmail (notified via RedHat Network -
> RHN).  It may take a little longer to filter through the CentOS mirrors.
> Also the 8.13.6 srpm I compiled yesterday for CentOS 4.3 has performed
> without
> a hitch - including milter-greylist.  Just in case anyone is interested.
> Cheers,
> James
> --
> Sex, Drugs & Linux Rules
> 	-- MaDsen Wikholm, mwikholm at
> --
> MailScanner mailing list
> mailscanner at
> Before posting, read
> Support MailScanner development - buy the book off the website!

Notice: This e-mail is intended solely for use of the individual or entity to which it is addressed and may contain information that is proprietary, privileged, company confidential and/or exempt from disclosure under applicable law. 
If the reader is not the intended recipient or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. 
This communication may also contain data subject to the International Traffic in Arms Regulations or U.S. Export Administration Regulations and cannot be disseminated, distributed or copied to foreign nationals, residing in the U.S. or abroad, without the prior approval of the U.S. Department of State or appropriate export licensing authority. 
If you have received this communication in error, please notify the sender by reply e-mail or collect telephone call and delete or destroy all copies of this e-mail message, any physical copies made of this e-mail message and/or any file attachment(s).

More information about the MailScanner mailing list