It seems that both a new kernel version (2.2.16), and a new version of sendmail have been released to fix a very serious security bug.
See http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt Shouldn't both sendmail and the current kernel be updated ASAP ? Also : ---------------------------------------------------------------------- A bug in xinetd versions prior to 2.1.8.8p3 will cause xinetd to allow connections to anyone if the configuration specifies a limitation to a hostname(s), and the incoming connection does not have a valid reverse DNS entry. Upgrade to version 2.1.8.8p3, available at: www.synack.net/xinetd/ ---------------------------------------------------------------------- (source http://www.sans.org ) Shouldn't it also be updated ? -- Jean-Philippe Guérard
